STU aS at 


= A preview of what attendees will see at this week’s Storage Networking World in aus j 
LO Milan e lms -1 ay St about liability tap tools to prevent illegal P2P file-sharing. PAGE 


COMPUTERWORLD 


Wide- 


THE VOICE OF IT MANAGEMENT © WWW.COMPUTERWORLD.COM 


Meme me LOB 3 
Baxter International 
Inc., helps his com- 
PENA il cel)(-) 
its new medical 
ONT cm 


Nn 


Thesawiest ClOs 

are venturing far 

fromthe data center 

and playing arolein 

various non-IT realms, such as analyzing 
acquisition targets, re-engineering business 
processes, developing new products and 
even going on sales calls. PAGE 31 


APRIL 5, 2004 « VOL 0.14 


$5/COPY 








NEWSPAPER 


I; LeMestesoaltMessattecttesebsteslctestel Loe 
RBXSCIF TRASREEREKEREARECAR-RT LOT&&B-O52 


#8234939/CB/@% CW2084140 O82 15423 


3s % 
PROQUEST 
PO BOX 984 
ANN ARBOR MI 4816-9984 





Users Cautiously Optimistic 
About Sun-Microsoft Accord 


Welcome improved collaboration, integration 


promised with settleme nt of legal disputes 





BY PATRICK THIBODEAU 
AND TODD R. WEISS 


but hopeful about Sun Micro- 
systems Inc. CEO Scott 
McNealy’s decision to 
settle his company’s 
long-running legal 
battle with Microsoft 


| 
| 
Users on Friday were guarded 
| 


all 


Join our online 
discussion forum 


operation to foster interop- 
erability. 

The announcement was a 
stunning turnabout for Mc- 
Nealy, who was until very re- 
cently prone to sting- 
ingly refer to Micro- 
soft as a “convicted 
monopolist.” But in 


Corp., ostensibly ara weigh in on the end, McNealy, who | 
ending years ofcon- tha initiated the discus- 


tention and ushering 
in a new era of co- 


More IT Jobs to Go Offshore, 
Controversial ITAA Report Says Z 


Concludes that Us. 
economy will benefit 
from growing trend 


BY PATRICK THIBODEAU 
WASHINGTON 


More IT jobs will be created | 


offshore than onshore over 
the next five years, but the 
overall U.S. economy will get 





agreement: 
Quickiink 24210 


| group that’s lobbying Con- 


sions with Microsoft 
CEO Steve Ballmer to 


a boost from the cost savings 
that offshore outsourcing 
yields. 

That’s the conclusion of a 
controversial report released 
last week by the Information 
Technology Association of 
America, a high-tech trade 


gress in favor of offshoring. 
The firm that conducted the 
research on behalf of the 
ITAA, Waltham, Mass.-based 
Global Insight Inc., found that 
while wages and jobs will in- 
crease in the economy overall, 
the outlook for IT workers 
may be less positive. 

“Some workers may have to 
take a job that pays less than 
their [current jobs],” 
IT workers will face “wage 
compression” as a result of 
overseas competition, said 
Nariman Behravesh, chief 
economist at Global Insight. 

ITAA Report, page 13 





and some | @ 


cease the corporate hostili- 
ties, said he had heard from 


| too many customers who told 


him pointedly to “cut the 
rhetoric, Scott, [and] go get 


| interoperable.” 


But many users won't be 


| ready to applaud until they 


get answers to questions 


| about how Sun and Microsoft 


will improve integration of 


| their server, database, directo- 
| ry, identity management and 


other products. 
“It’s good that there is go- 
ing to be an era of coopera- 
Sun-Microsoft, page 6 


a 


a oe 


Rue mer eC Th) 
See ae elmer 





2004, Sybase. inc 


ROADMAP 


to REAL-TIME NIRVANA 


your guide to the 
YNWIRED ENTERPRISE 


Events Trigger Data 


edema eu ao la 
customer service. Sybase Adaptive 
Server® Enterprise enables your 
business processes to respond to 
Se CHU MET ade 


Data Goes Into Action 


No more Information lags. Sybase Real 
uM EC eT re mn 
PERCH CR CC me ie 
CRU meme 


Sybase and the Sybase lege are registered trademarks of Sybase. Inc. XPLANATIONS™ by Xplane.com®. All other company and product names mentioned may be trademarks of the respective companies with which they are associated 





Data Goes To The Edge 


Real-time data everywhere. Sybase 
DO ee Wu aren 
CU Cm Ce he 
PCIE MUG Cue CUE) CL 


Data Gets A Lot Smarter 


SOE eb CRTs ec Ra 
TO AS PES Cu aL 
isolated events with knowledge and then 
CRU UROL 
We UE De 


Sybase Real Time Data Services 
can help your enterprise 
become smarter, faster, and more 
responsive. Implementing 
a real-time initiative? Start with 
our new White Paper. 


The Enterprise. Unwired. 


CR ae) Cg 
AVN LEC ol Aa 





BrightStor» ARCserve® Backup Release 11 


When it comes to data backup and recovery, you want a reliable, high-performance solution you 
can count on. That's why we've created BrightStor ARCserve Backup Release 11, featuring the 
very latest in storage innovations. BrightStor ARCserve Backup is faster and easier than ever, 
enhancing both efficiency and productivity. And with CA's superior technology, you can be 
confident your files are properly backed up and will easily be restored should a disaster occur. 


For more information, go to ca.com/storage/arcserve. 


Computer Associates® 


© 2004 Computer Associates International, Inc. (CA). 








Search for Tomorrow 
in this week's Technology section: Researchers are 
building search engines that will serve up results 


04.05.04 | 


Winning the Name Game 
Also in this week's Technology section: 
New software tools and services are 
helping companies monitor their rep- 


based on your interests and priorities and that 


; utations on the Web. Page 19 
will get better the more you use them. Page 26 or 0 


ONLINE 


WWW.COMPUTERWORLD.COM 


: TECHNOLOGY OPINIONS 





Interoperability within SANs 


is a must for any new prod- 
ucts, say IT managers in an- 
ticipation of this week’s Stor- 
age Networking World show. 


Supply chain tools help a lad- 
der maker deal with the loss of 
its Home Depot sales channel. 


IBM eases licensing of its 
Power architecture in order to 
advance systems integration. 


Gateway enters the network- 
ing equipment market. 


Companies crack down on 
peer-to-peer file-sharing on 
their networks. 


BMC’s performance manage- 
ment software helps a health 
care network save $850,000 
on a mainframe upgrade. 


Wage inflation isn’t expected 
to deter interest in offshoring 
to India anytime soon. 


Use of IT contract workers will 
climb this year, but slowly. 


Best Buy investigates out- 
sourcing its IT and call center 
operations. 


) Fortify Software launches 
tools for security testing dur- 
ing application development. 


SAS releases a software up- 
grade that could make it easi- 
er for users of data marts to 
manage the analysis tools. 


IBM appears confident that 
it will prevail in its court dis- 
pute with SCO. 


Grid. Vendor support is just 
beginning to emerge and stan- 
dards are still evolving, but 
interest is growing in grid 
technology as a way to share 
data within an enterprise 

and outside it. 


28 Security Manager's Journal: 


Cheap Scanning Comes at a 
Price. Using free Nessus soft- 
ware for port scans saves 
money, but shortcomings in 
the application’s reporting 
and management capabilities 
send Mathias Thurman look- 
ing for alternatives. 


MANAGEMENT 





31 The Wide-Ranging CIO. Cor- 


porate IT budgets may be flat 
overall and technology expen- 
ditures more heavily scruti- 
nized than ever, but there’s no 
question that the CIO’s role 
and influence are expanding 
well beyond the traditional 
boundaries of IT. 


34 Think Tank: Brain Food for IT 


Executives. At a time when 
corporations are increasingly 
reliant on IT, boardrooms are 
lacking in technical knowl- 
edge and experience, says a 
study by Burson-Marsteller. 
Plus, we take our monthly 
look at the IT economy. 


36 Career Watch. We look at 


outsourcing’s impact on IT 
jobs, find that Cisco experts 
are more likely to get raises 
and learn that retaining key 
workers matters most at pri- 
vate, fast-growth companies 


22 Data Finds a Place on the 8 On the Mark: Mark Hall re- 


ports that outsourcers say 
their labor-cost advantage 
may be only temporary. 


Maryfran Johnson is happy to 
see CIOs breaking out of their 
traditional roles in IT to work 
on strategic projects in busi- 
ness development, compli- 
ance and other vital functions. 


Pimm Fox notes that there are 
ways to protect customers’ 
credit card information, but 
they need to be used. 


Michael Gartenberg thinks 
three troubled fronts could 
converge to wreak havoc for 
Microsoft. 


30 Paul A. Strassmann cautions 
about making outsourcing de- 
cisions when you can’t see the 
value chain from the competi- 
tor’s point of view. 


37 Paul Glen observes that tech 
smarts, education and bossi- 
ness aren’t good predictors of 
IT leadership success. Flexi- 
bility and the ability to com- 
municate are more important. 


46 Frankly Speaking: Frank 
Hayes says the ITAA hopes its 
bedtime story of a jobs report 
will give IT workers sweet 
dreams. But it’s more likely 
to cause nightmares. 





DEPARTMENTS/RESOURCES 
News Briefs ............. ee 
ENG os ocr ccandttrcx eis 17 
IT Careers 

Company Index 

How to Contact CW... 

Shark Tank 


IT On Board 

DEFENSE/AEROSPACE: Computerworld’s Dan 
Verton gets a close-up look inside the U.S. 
Navy’s latest experimental ship, the HSV 2 
Swift, and its next-generation shipboard IT 
capabilities. See photos from his tour. 

© QuickLink 24180 


ls Offshoring a Threat to Privacy? 


OPINION: Jay Cline says U.S. companies 
should be verifying data security at all con- 
tractor sites, whether they’re in Bombay or 
Peoria. @ QuickLink 45902 


Keys to Great IT 

Security Operations 

SECURITY: In the first part of a two-part se- 
ries, Tripwire CTO Gene Kim analyzes three 
crucial management practices common to 
high-performing security and IT operations. 
© QuickLink 44142 


How to Hire Members of 

A Collaborative Team 

DEVELOPMENT: Columnist Esther Derby 
offers tips on what to look for when adding 
staffers to a cross-functional, self-organizing 


group. @ QuickLink 45901 


Protect Your Network Against 
VPN-Introduced Threats 


NETWORKING: Virtual private networks can 
be a pathway for attack if remote systems 
aren’t properly secured. Two Avanade con- 
sultants outline one method of defense. 


© QuickLink 45952 


What's a QuickLink? 
Throughout each issue of 
Computerworld, you'll 

see five-digit Quicklink codes 

pointing to related content on 
our Web site. Also, at the end of 
each story, a Quicklink to that 
story online facilitates sharing it 
with colleagues. Just enter any 
of those codes into the Quick- 

Link box, which is at the top of 

every page on our site. 


ONLINE 
DEPARTMENTS 


Breaking News 
© QuickLink a1510 


Newsletter 
Subscriptions 
© QuickLink a1430 


Knowledge Centers 
OG a 
The Online Store 

© QuickLink a2420 





0 COMPUTERWORLD April 5, 2004 


NEWS 


IT Execs Seek Links 
Between SAN Devices 


Vendors tout new products, but IT 


managers say interoperability is a must 





BY LUCAS MEARIAN 
HIS WEEK’S Storage 
Networking World 
Spring 2004 confer- 
ence will showcase 

new products from companies 

like Microsoft Corp. and Snap 

Appliance Inc. But several 

users said last week that ven- 

dors need to make sure that 
the technology they develop 
can work in multivendor stor- 
age-area networks (SAN). 
“Whatever you give me with 
information life-cycle manage- 
ment and all this other stuff 
that’s coming down the pipe, 
don’t introduce any of this at 
the expense of these other 
things that I’ve come to de- 
pend on in my storage infra- 
structure,” said Laurence 

Whittaker, supervisor of en- 

terprise storage management 


at Hudson’s Bay Co. in Toron- 
to. Whittaker said he needs to 
be able to do reliable data 
backup and recovery. 


Interoperability Thorn 

Rick Bauer, CIO at The Hill 
School in Pottstown, Pa., said 
that although his IT staffers 
have become more comfort- 
able with storage networking 
technologies, it’s more critical 
than ever to prove the busi- 
ness case for storage invest- 
ments to top administrators at 
the prep school. 

“A lot of this stuff in the past 
got deployed as an IT initia- 
tive. ... Given the costs, Sar- 
banes-Oxley and HIPAA, it’s 
becoming more of a strategic 
discussion,” he said, referring 
to regulatory record-keeping 
requirements. 





Continued from page 1 
Sun-Microsoft 


tion, but what does it really 
mean to people?” said Satish 
Ajmani, CIO of the Santa 
Clara County government in 
California. “What are they go- 
ing to deliver that’s different 
from what we have today, and 
will it result in an overall cost 
reduction for us?” 

“That’s potentially interest- 
ing news, and I would be bor- 
derline happy,” said Daniel 
Morreale, CIO at the North 
Bronx Healthcare Network in 
New York. But first, he said, “I 
want to see something con- 
crete and real happen.” 

But if the announcement 
lives up to its claims, Morreale 
said information sharing be- 
tween his Sun and Windows 
systems might improve. “Long 
term, it should make my life a 
little easier, and certainly my 
systems administrators’ lives a 





little easier,” he said. 

Richard Teasdale, a Unix 
administrator and second vice 
president at General Reinsur- 
ance Services Corp. in Trum- 
bull, Conn., was also cautious 
with his praise. “Until I know 
more details about it, I don’t 
see any real pluses or minuses 
for us,” Teasdale said. “I don’t 
know if this is a sign that [Mi- 
crosoft] wants to do more in 
the Unix and Linux spaces. 
That could be good for us.” 

Sun’s decision to end the 
dispute with Microsoft is in 
fact the latest in a series of 
moves the company 
has taken to broaden 
its reach beyond 
its Unix system. 

The company has 
strengthened its x86 
low-end server line, 
embraced Linux and 
adopted the Opteron 
processor from Ad- 
vanced Micro De- 
vices Inc. 





eta Vm oem CU 
to see something 
concrete and real.” 


Bauer added that a smooth- 
running IT infrastructure de- 
pends on tools that can be 
used to provision and manage 
storage on an enterprisewide 
basis. But a lack of interoper- 
ability and tight integration 
between competing storage 
devices on SANs remains a 
thorn in his side. 

Vendors said they’re trying 
to address such concerns. For 
example, the Storage Net- 
working Industry Association 
today will announce at the 
conference a list of vendors 
whose products have passed a 
conformance-testing program 
designed to validate compli- 
ance with the Storage Man- 
agement Initiative Specifica- 
tion. The specification was de- 
signed to let storage manage- 
ment tools control devices 
from different vendors. 

The SNIA and Computer- 
world are jointly sponsoring 


| Storage Networking World, 





a4 Don't intro- 
duce any of 
this at the expense 
of these other 
things that I’ve 
come to depend 
on in my storage 
infrastructure. 


Cee eeeeeeeeeseeseronee erercese 


LAURENCE WHITTAKER, SUPERVI- 
SOR OF ENTERPRISE STORAGE MAN- 
AGEMENT, HUDSON'S BAY CO. 


which starts today in Phoenix. 
The SNIA also plans to an- 
nounce that its Object-based 
Storage Device specification 
has completed the American 
National Standards Institute’s 
T10 letter ballot process. 

The OSD specification is 
meant to support a new class 
of shared storage systems 
based on an architecture of 
data objects — containers that 
house both application data 
and an extensible set of stor- 
age attributes. 

Microsoft is due to an- 
nounce that its Windows Stor- 
age Server 2003 operating sys- 
tem will now allow users to 
store Exchange messaging 





“When things aren’t going 
well, you have to look for ways 
to make changes,” said Tom 
Murphy, an analyst at Meta 
Group Inc. in Stamford, Conn. 

And things certainly haven’t 
been going well for Sun. The 
company last week said it 
would cut its workforce by 
3,300 employees after report- 
ing a net loss for the quarter 
that ended March 28. 

Microsoft is paying Sun $700 
million to resolve its antitrust 
issues and $900 million to set- 
tle patent disputes. For users, 
one source of cost savings may 
be the end to the dis- 
pute over Microsoft’s 
use of the Java Virtual 
Machine. Microsoft 
had been planning to 
end support of its 
JVM in September as 
part of an earlier set- 
tlement, and users 
would have faced the 
cost of switching to 
Sun’s JVM. 





Under the agreement an- 
nounced Friday, the compa- 
nies will also share communi- 
cations protocols, set Win- 
dows certifications for Sun 
servers, and improve techni- 
cal integration between Java 
and .Net. 


Benefit Analysis 

Rudy Ebisch, assistant techni- 
cal support director at printer 
and copier vendor Canon USA 
Inc. in Lake Success, NLY., said 
he wants to know what Micro- 
soft Chairman Bill Gates gets 
out of the deal. 

“What can he get from Sun 
that he can use?” Ebisch said. 
“T don’t get it.” 

For customers who found 
themselves in the middle of 
the Sun-Microsoft battle, the 
settlement and technical in- 
formation-sharing agreements 
have the potential of making it 
“easier for organizations that 
have both Windows and So- 
laris to build cooperative com- 








www.computerworld.com 


files on network-attached 
storage (NAS) devices. Most 
of the storage vendors that re- 
sell the software are expected 
to make the Exchange feature 
available within 60 to 90 days, 
according to Marcus Schmidt, 
a storage product manager at 
Microsoft. 

San Jose-based Snap Appli- 
ance is rolling out Version 3.0 
of its GuardianOS software 
with new capabilities that will 
let the company’s users store 
block-level data on its NAS 
boxes for the first time. Jim 
Sherhart, product manager for 
enterprise systems at Snap, 
said the upgraded software 
uses the Internet SCSI proto- 
col to create logical disks 
within its file system. 

Snap also plans to announce 
a NAS device that scales from 
5TB to 29TB, nearly 10 times 
its previous maximum capaci- 
ty of 3TB. The Snap Server 
15000 starts at $34,990 and 
lists at $185,000 for a fully pro- 
visioned model. @ 45914 


MORE ONLINE 


EMC Corp. has modified its Clariion disk 
arrays to emule ~ tape libraries: 


QuickLi.::. 45941 
www.computerworld.com 


puting solutions,” said Dan 
Kusnetzky, an analyst at re- 
search firm IDC. 

George Weiss, an analyst at 
Gartner Inc. in Stamford, 
Conn., said the agreement may 
help Sun get past the view 
among some users that Solaris 
is “the central focus of all their 
major strategies.” 

“It’s really the development 
environment that is crucial,” 
said Weiss. “The users want 
the cheapest hardware.” 

Sun also announced on Fri- 
day that Jonathan Schwartz, 
who headed Sun’s software 
business, had been promoted 
to president and chief oper- 
ating officer. McNealy, who 
had held the president title, 
remains chairman and CEO. 


@ 45957 


For additional details on the agreement, 


| _ visit our Web site: 


QuickLink a4220 
www.computerworld.com 





www.computerworld.com 


Ladder Maker Uses Supply Chain 
Tools to Climb Out of Sales Hole 


Software helps ramp down production 


after shipments to Home Depot end 


BY MARC L. SONGINI | 
CHICAGO | 
In February, Werner Co. 
stopped shipping its ladders to | 
The Home Depot Inc. The 
home improvement retailer 
was Werner’s biggest cus- 
tomer, but the company was__| 
able to cushion the blow 
thanks to its production plan- 
ning and reporting system. 

Werner used the system to 
quickly ramp down produc- 
tion on its assembly lines and 
avoid purchases of excess 
stock while it phased out de- 
liveries to Home Depot, a 
process that began last No- 
vember, said David Conn, 
Werner’s director of corporate 
logistics. Conn and another | 
executive from the Greenville, 
Pa.-based ladder-maker spoke 
at last week’s Suppiy-Chain 
World North America 2004 
conference here. 

The production and distrib- 
ution planning system “helped 
immensely when Werner 





made the difficult decision to 


DAN VERTON 


exit the Home Depot busi- 
ness,” Conn said. He added 
that the move came after 
Home Depot increased its 
sourcing of ladders from over- 
seas manufacturers. Werner 
initially bid on the remaining 
business but then decided that 
it “did not support our corpo- 
rate goals,” Conn said. 
Werner’s system is based on 
demand-forecast- 
ing and distribu- 
tion-planning ap- 
plications devel- 
oped by BT Smith 
and Associates in 
Butler, Pa. Produc- 
tion and demand 
data is extracted from the ap- 
plications and imported into 
Microsoft Access and Excel 
spreadsheets for end users. 
The system helps Werner 
create what-if scenarios as 
well as production schedules, 
Conn said. The production 
plans are then fed into its 
manufacturing execution sys- 
tem, which currently includes 


Revolutionary IT Advances 
Surface on New Navy Vessel 


THE U.S. NAVY has a new ship 
in its fleet that officers say may be 
the most technologically ad- 


vanced vessel produced to date, 
with IT capabilities that are revo- 
lutionizing naval warfare and may 


a mix of applications devel- 
oped by Mapics Inc. and J.D. 
Edwards & Co. 

During the Home Depot 
phaseout, production planners 
and business managers at 
Werner were also able to use 
the system to prevent any ser- 
vice disruptions to Werner’s 
other customers, Conn said. 

“We thought ladders were 
safe from [competition com- 


ing from] over the ocean,” said | 


Bill Rippin, vice president of 


| supply chain ai Werner. “If we 


pease — 


MORE ONLINE 


Conference attendees talk 
about the challenges of 
supply chain projects 

© QuickLink 45959 
www.computerworld.com 


ciaichaipeieainininae 


didn’t have this 
stuff, it would have 
been a more diffi- 
cult time.” 

Werner is a pri- 
vately held compa- 
ny that had rev- 
enue of $538 mil- 


| lion last year. Conn didn’t say 
how much Werner reduced its 
| costs because of the technolo- 


gy while phasing out ship- 
ments to Home Depot. But he 


| said that without it, Werner 


wouldn’t have been able to do 


| things such as decide which 
| production lines to take off- 


line or how to shift manufac- 
turing and distribution re- 


play a vital role in military re- 
sponses to potential terrorist at- 
tacks in the U.S. 

There are only 42 sailors in the 
crew of the HSV (High Speed 
Vessel) 2 Swift, a 294-foot, alu- 
minum-hulled catamaran. But the 
ship's extreme levels of automa- 
tion make up for the lack of man- 
power. 

Nearly every function of the 
ship, from navigation and steering 
to engine and damage control, is 
conducted and monitored using 
commercial, off-the-shelf hard- 
ware and software. 

Computerworld reporter Dan 
Verton went aboard the Swift last 
week and filed an exclusive photo 
journal on the vessel's cutting- 
edge IT systems. You can see 
his report on our Web site at 
QuickLink 24180. 





sponsibilities among facilities. 

Various iterations of the 
production planning system 
have been in place for the past 
six years. It was originally 
built without a corporate man- 
date as the skunk works brain- 
child of an informal group 
consisting of Conn and two 
other employees from differ- 
ent parts of the company. 

The technology cost for the 
system only amounted to five 
figures, Conn said, declining 
to be more specific. When 
work on the system began, 
each of Werner’s business 
units “had its own agenda,” he 
said. “Early in this project, we 
bridged the silos.” 

But because there was no 


& © if we didn't 

x have this stuff, 
it would have been a 
more difficult time. 


BILL RIPPIN, VICE PRESID 


PPLY CHAIN. WERNER CC 
formal structure for the sup- 
ply chain work, the most sig- 
nificant progress didn’t occur 
until 2001, Conn said. That 
year, Werner saw business im- 
provements such as a dou- 
bling of its annual finished- 
goods inventory turns. “While 
we did achieve good things, 
we could have done it a lot 


quicker,” he noted. @ 45940 


IBM to Ease Licensing 
Of Its Power Architecture 


Strategy aimed at 


| better integration 


| BY PATRICK THIBODEAU 


NEW YORK 

IBM last week outlined a plan 
to facilitate third-party licens- 
ing of its Power architecture 


| as a means of advancing inte- 


gration of a broad range of 


| systems, from small devices to 
| large servers. 


Company officials said the 
ability to integrate a variety of 
products is of more concern to 
corporate users than chip per- 
formance benchmarks. “Inte- 


| gration eclipses gigahertz,” 


said Bernie Meyerson, chief 
technologist in IBM’s semi- 
conductor division. 

Brian Perlstein, systems ar- 


| chitect for infrastructure at 


Oakwood Healthcare System 
in Dearborn, Mich., said he’s 
unclear about the extent to 
which IBM’s Power-based in- 
tegration strategy will extend 
to medical devices. But if the 
approach enables the removal 


| of middleware between a de- 


vice and a server, “that would 
be really advantageous for us’ 
because it would remove a po- 
tential point of failure, he said. 
The move to expand the 
Power architecture to a wider 
range of systems may give 


companies the confidence 
they need to make long-term 
investments in Power prod- 
ucts, said Richard Partridge, 
an analyst at D.H. Brown As- 
sociates Inc. in Port Chester, 
N.Y. “This is not a doomed ar- 
chitecture,” he said. 

The Power chip is used in 
high-end Unix and iSeries 
(formerly AS/400) servers, 
technical workstations, em- 
bedded devices and Apple 
Computer Inc.’s Macintosh 
systems. By lowering the bar- 
riers to licensing, IBM may at- 
tract more designers and ven- 
dors and improve chip sup- 
port, said Shane Rau, an ana- 
lyst at research firm IDC. 


Community Mode! 

IBM is comparing the “com- 
munity model” approach it’s 
adopting for the Power archi- 
tecture with that associated 
with the Linux operating sys- 
tem, which it sees as key for 
third parties adopting the 
Power architecture. But com- 
pany officials stressed that 


| IBM is not moving away from 
its AIX version of Unix. 


“We are continuing to invest 


| heavily in AIX for customers,” 


| said Adalio Sanchez, general 


| manager of IBM pSeries 


servers. “We are absolutely 
committed to AIX.” @ 45939 





COMPUTERWORLD Ayri's,2004 


“ 


© COMPUTERWORLD April 5, 2004 


Has 


McDonald’s Signs 
Deal for IT Support 


McDonald’s Corp. plans to out- 
source management of the IT 
infrastructure that supports its 
North American operations to 
Affiliated Computer Services Inc. 
Dallas-based ACS said the sev- 
en-year contract includes the 
fast food chain’s mainframes, 
servers, end-user systems and 
help desks. ACS valued the deal 
at $219 million. An undisclosed 
number of IT workers will trans- 
fer from McDonald’s to ACS. 


IBM Buys Candle, 
Adds System Tools 


IBM said it has agreed to buy 
Candle Corp., a vendor of tools 
for managing mainframes and 
other servers, for an undisclosed 
price. IBM's Tivoli Software unit 
already sells mainframe man- 
agement tools, but the company 
said it’s committed to supporting 
El Segundo, Calif.-based Can- 
dle’s Omegamon product line. 
The acquisition is expected to be 
completed by midyear, IBM said. 


Via E-mail, Gates 
Gives Security Plan 


Bill Gates, Microsoft Corp.’s 
chairman, sent a group of users 
who subscribe to an e-mail list a 
3,500-word message that de- 
tailed the company’s plan to bet- 
ter secure its software. Gates 
also noted that Microsoft will be- 
gin a series of regional security 
training events this week. The 
company had already announced 
most of the initiatives. 


Microsoft Expands 
VoIP in Win CE 5.0 


Microsoft also said its upcoming 
Windows CE 5.0 operating sys- 
tem will provide expanded voice- 
over-IP capabilities, including 
VoIP support for dual-mode cel- 
lular and wireless LAN devices. 
In addition, Microsoft today will 
announce the formation of an 
RFID vendor council. 


| 
j 
| 
| 
| 


MARK HALL ®*ON THE MARK 


Offshore Outsourcers 
Claim Low-Cost ... 


... advantage is merely temporary. “It’s not about competing on price,’ 


’ 


suggests Prime Joseph, chief operating officer of Allserve Systems 
Corp. Allserve is based in New Brunswick, N,J., but most of its 3,200 
employees work in India. He says what attracts IT to his company is the 
quality of its workers, the number and kind of college degrees they 
hold and their years in the field. Bob Evans, the Palo Alto, Calif.-based 


CEO of Symphony Services Corp., which 
has global headquarters in Bangalore, In- 
dia, is in full agreement. “If all we have is 
a cost-structure differential, the business 
is doomed,” he says. Evans adds that “the 
meaningful wage gap” will continue only for 
another four or five years because of salary 
hikes in Bangalore and deflation of con- 
tractor prices in the U.S. Joseph adds that 
later this month, his company will open a 
call center in the U.S. because the busi- 
ness reasons for having one closer to cus- 
tomers ' uw outweigh the narrowing 
wage difference. But Mark Hebert, execu- 
tive vice president of marketing and al- 
liances at Fremont, Calif.- 
based Sierra Atlantic Inc., 
which has 450 workers in In- 
dia out of 525, still touts price 
as the key reason to offshore 
projects. Throwing a project 
over the wall to his Indian 
troops will enable clients to 
immediately cut costs by half, 
he says. And Hebert claims 
that by about the third proj- 
ect, when most of the project 
management wrinkles have 
been ironed out, IT develop- 
ment in India “will deliver a 
3-to-1 cost advantage” over 
the U.S. Indeed, Julie Hanna 


Pye ee 





Captaris Inc. in Belle- 
TUM Art em 
month will ship a 
workflow wizard for 
its RightFax applicag 
Cy Mm eRilV mee) ee 
which costs $3,000, 
lets users bind incom- 
ing and outgoing 
PEP OEM cis} 
gel Le o13) 
from supply chain 


Farris, CEO of Scalix Corp. in San Mateo, 
Calif., says this month her start-up will 
shift a significant amount of its software 
development to India because “within 
three years, we'll save seven figures.” No 


| small amount for a company getting off 


the ground. Hebert argues that companies 
such as Scalix would have outsourced the 
work anyway and probably wouldn’t have 
hired any local employees. Add it up, he 
acknowledges, and “outsourcing reduces the 
number of consulting jobs in the U.S. and the 
billing rates.” "= Symphony and Sierra At- 
lantic target IT vendors in Silicon Valley 
as well as corporate IT managers for 
work. Both Evans and Hebert 
' emphasize the importance 

- for start-up companies to 
push work overseas, suggest- 
ing that venture capitalists like 
to see offshore development as 
part of their business plans. 
“VCs will fund start-ups who 
have some amount of off- 
shore work being done,” 
Hebert says. Maybe in Silicon 
Valley VCs think that way, 
but in Washington, where 
Core Capital Partners is 
based, they have different 
ideas. “I’m not seeing any start- 
ups pressured to have develop- 





www.computerworld.com 


ment done overseas,” says Pascal Luck, 
the high-tech VC’s managing director. 
“Cost per man-hour is less, but you have 
to figure out the efficiency of having two 
operations,” he advises. In addition, Luck 
worries about a start-up willing “to move its 
crown jewels overseas.” He says he wants 
his investment “to keep control over its 


| intellectual property.” Sending it abroad 


just doesn’t seem like the right control 
strategy to him. ® A VC-funded company 
in Bath, England, is opening its doors in 
the U.S. Duncan Pauly, founder and chief 
technology officer of CopperEye Ltd., has 
just hired Kate Mitchell as CEO, to be 
based in San Francisco. The reason? This 
is where most of the appallingly slow data 
warehouses are located. Why are they so 
slow? Because data warehouse develop- 
ers don’t distinguish between static and 
dynamic data, thus bogging down the re- 
lational database. Pauly classifies static 
data as one-time, unchangeable events 
such as clickstream data from Web visi- 
tors. Dynamic data is what belongs in a 
warehouse. The CopperEye Software De- 
velopment Kit lets developers separate 
static from dynamic data so that the data 
warehouse’s relational database has to 
churn just the important stuff, calling in 
static data only when required. A new 
version now in beta makes it easier for 
business analysts and database adminis- 
trators to do chores now handled by pro- 
grammers. Pricing starts at $50,000 per 
CPU. ® A new release of real-time data 
analysis software from Webplan Inc. in 
Ottawa will be available later this quar- 
ter. RapidResponse 7.3 answers what-if 
queries on live data feeds from multiple ap- 
plications such as ERP and CRM pro- 
grams. The upgrade is fully 64-bit and 
features increased financial analysis ca- 
pabilities and new tools to quantify re- 
sults from engineering change orders 
anywhere in the development or produc- 
tion cycle. Pricing starts at $250,000. 

@ 45907 





Gateway Enters Networking Market 


a “miniscule” amount of rev- 

enue from its switching line. 
More than half of Gateway’s 

total revenue of $3.4 billion for 





BY MATT HAMBLEN 
Expanding its efforts to reach 
IT managers, Gateway Inc. 
tomorrow plans to announce 
that it’s entering the corporate 
networking equipment market 
with a line of wireless access 
points and low-end LAN 
switches. 

The company will offer nine 
switches ranging from $79 to 
$799 and two access points 
priced at $299 and $399, pri- 
marily for midsize businesses, 





said Chad McDonald, manager 
of Poway, Calif.-based Gate- 
way’s networking division. 

One of Gateway’s goals is to 
give corporate users a well- 
rounded product offering, said 
McDonald. The company al- 
ready sells servers to busi- 
nesses but has had to refer 
customers who want switches 
to other vendors, he said. 

The new products will butt 
heads with offerings from Dell 
Inc., which started selling 





switches in September 2001. 

“These are definitely rock- 
bottom prices,” said Maximil- 
ian Flisi, an analyst at research 
firm IDC. But he added that 
Gateway will primarily offer 
the networking gear to com- 
plement its servers, PCs and 
storage devices. 

“They aren’t going to gain 
new customers by doing this, 
and if they expect to do so, 
well, good luck to them,” Flisi 
said. He noted that Dell makes 





last year came from sales of 
corporate-oriented products 
and services, said company 
spokesman Ted Ladd. 
Separately, Gateway last 
week announced plans to 
close its 188 company-owed 
retail stores as of this Friday, 
laying off about 2,500 workers 
as part of the move. The com- 
pany said it will seek wider re- 
tail distribution of its con- 
sumer products. @ 45938 





You like your job. And the boss likes you - 
as long as the SAN is up and running. 


Keep it that way with NetWisdom and Xgig Analyzer, the SAN monitoring and analysis 
tools that identify catastrophic events before they shut your network down. SAN faiiure 
occurs after an accumulation of invisible errors. Finisar’s NetWisdom and Xgig Analyzer 
proactively identify and troubleshoot network errors, reducing business losses, tech- 
nology costs, and customer service voids. 


Research shows that SAN downtime can cost organizations $100,000 per minute, 
or more.* NetWisdom and Xgig help you avoid these costs by conducting accurate 
performance tuning and capacity planning. 


When data stops moving, so do the dollars. Be part of the solution: monitor your 
SAN with Finisar network tools and stop degradation, CRC errors and events that can 
impact your most critical business data and transactions. 


View our web seminar, including a customer case study and demo of NetWisdom by 
visiting www.finisar.com/nw 


Finisar 


Finisar has been speeding up networks and 
delivering best-of-breed products and testing 
solutions since 1988. NASDAQ: FNSR. 


www.finisar.com/nw 





WW COMPUTERWORLD April 5, 2004 


NEWS 


Liability Concerns Prompt 
Corporate P2P Crackdown 


Firms guarding against suits related to 
illegal music- sharing on their networks 





BY JAIKUMAR VIJAYAN 
HE ONGOING world- 
wide crackdown on 
illegal online music- 
sharing is highlight- 

ing the need for companies to 

detect and shut down unau- 
thorized peer-to-peer activi- 
ties on their networks. 

Last week, the International 
Federation of the Phonograph- 
ic Industry launched criminal 
cases against scores of individ- 
uals for illegally sharing copy- 
righted music on P2P net- 
works in Canada, Germany, 
Italy and Denmark. The IFPI’s 
action follows a similar cam- 
paign by the Recording Indus- 
try Association of America 
(RIAA), which on March 23 
initiated a fresh round of legal 
actions against more than 500 
computer users for illegal mu- 
sic-sharing. 

So far, nearly all of the law- 
suits have involved individuals 
on university networks or 
commercial Internet service 
provider (ISP) networks. But 
as early as October 2002, the 
RIAA informed CEOs at hun- 
dreds of large companies of 
the significant legal liability 
they face under federal copy- 
right law if music, movies and 
other copyrighted works are 
pirated using their networks. 


Liability Concerns 
Some organizations seem to be 
taking that message seriously. 

“We are concerned about 
the liability issues,” said 
Steven Annese, IT manager at 
Sara Lee Coffee & Tea North 
America, a Harrison, N-Y.- 
based division of Sara Lee/DE 
of the Netherlands. 

The company has installed 
software from San Diego- 
based Websense Inc. to help it 
detect and automatically shut 
down any P2P application that 


a user might attempt to launch | 





on its corporate network. The 
software also allows Sara Lee 
to block employee access to 


| P2P Web sites, including some 


of the newer ones that mask 
the origin of the IP address 
and encrypt the traffic. 

Sara Lee made the move af- 
ter discovering several em- 


| ployees running P2P software 
| such as Kazaa and Morpheus 
| on its networks, Annese said. 


Terra Nova Trading LLC 
made a similar move after 


finding employees using P2P 


applications. The Chicago- 
based financial services firm 
began using software similar 
to that from Websense to sniff 
out and stop P2P applications 


from launching on all trader 

| and back-end systems. Terra | 
| Nova installed the software to 
protect itself from liability for | 
copyright infringements and | 
because P2P applications 
waste a tremendous amount | 
of bandwidth, said Kevin Ott, | 
vice president of technology 

at Terra Nova. | 

As a financial trader, “we 


sPacataee tnd: ‘Bandwidth 





live and die by the amount of 
bandwidth we have,” Ott said. 
The University of Wiscon- 
sin in Madison, meanwhile, is 
using “network shaping” tech- 
nology to prioritize network 
traffic, with P2P sharing being 
given a lower priority than 
other types of traffic, said Kim 
Milford, the university’s infor- 
mation security manager. 


= Websense: Tools for blocking access to P2P sites, shutting down P2P ses- 
Stans ati proweniinng 2? applcallore enn Mains OF nN Maen 


rheseenen 


sole Siattatecsabiiend: 


pungenii 
Wola ce Be erpount of argent tel & catoaion Oy ae Sum: 


Stee na evaderes 


saFiasssTie Qsoemneniontienn ina: GoRiuten tal haptics sh iakali tek 
flow in and out of a corporate network, looking for specific P2P markers. 


www.computerworld.com 


“Sharing files via P2P tech- 
nologies takes longer, [there- 
by] reducing the incentive to 
use it,” she said. 

Since the RIAA's crackdown 
began, First Internet Inc., an 
ISP in St. Clairsville, Ohio, has 
been sending notices to its 
customers warning them 
about the consequences of il- 
legal file-sharing. Since then, 
the company has been moni- 
toring its networks “for any 
large and consistent increases 
in P2P activity,” said Mike Tin- 
dor, the company’s vice presi- 
dent of network operations. 

“If we receive a copyright 
infringement warning, we typ- 
ically provide the customer 
with the notification and a 
copy of our policy, and we 
provide them with suggested 
methods to reduce any risk 
to themselves,” Tindor said. 


@ 45937 


LEARNING LESSONS 


IT managers can get some P2P-fighting 
tips from their university campus 
counterparts 


Qe QuickLink 43111 
www.computerworld.com 





Health System Uses BMC Tools 
To Cut Mainframe Upgrade Costs 


BY MATT HAMBLEN 
After using performance man- 
agement software to improve 


| batch-processing times for ac- 
| counting and other functions, 


the WakeMed Health Network 
last week said it will be able to 
upgrade to a new mainframe 
this month for $850,000 less 
than it originally expected. 
The not-for-profit health 


| care company operates eight 


medical facilities that rely on 
an IBM mainframe and 240 
distributed servers, all of 
which are managed 

with products from 


| BMC Software Inc., 


said WakeMed CIO 
Steven Riney. 
Raleigh, N.C.- 
based WakeMed 
has invested about 
$2 million in BMC’s 
software since 2000, 
and it began to fully 
implement the tech- 
nology when Riney 
joined the company 


RINEY: “Two years 
Fleet a i Cui) 


were sick. . . . 
Came ae 


in mid-2001. He said he thinks 
WakeMed has already gotten 

a return on its initial invest- 
ment, especially because criti- 
cal servers that support pa- 
tient and emergency care 
have much less downtime 
than before. 

“Two years ago, our IT sys- 
tems were sick,” Riney said. 
“The perception by staff was 
that systems were always down. 
We're well now. We have few- 
er people standing in line” 
with trouble reports. 

Riney hasn’t per- 
formed a formal ROI 
calculation except in 
two areas involving 
WakeMed’s main- 
frame, which is mon- 
itored by BMC’s 
Mainview Predict 
tool. WakeMed also 
uses BMC’s Patrol 
for Unix Perform 
and Predict software 
to track about 40 
Unix servers that 





a 





are tied to the mainframe. 
Both products were used to 
improve CPU performance at 
a time when overnight batch 
processing of accounting data 
was taking 15 hours to run, 


pushing into the next workday, 


Riney said. After the software 


| helped show where the delays 


were occurring, WakeMed cut 


| the time it takes to run the 


batch processes by about half 
late last year. That makes it 
possible to distribute billing 
information a day earlier, 
which is expected to save the 
company $600,000 annually, 
according to Riney. 

Because of the increased 
CPU efficiency, WakeMed’s 
new mainframe won't need as 
much processing power as the 
one it has now. That will re- 
duce both hardware and soft- 


ware costs for the new system, 


Riney added. The tab will to- 
tal $1 million, compared with 
an original cost estimate of 
$1.85 million, he said. 
WakeMed uses about 75 dif- 
ferent BMC products, includ- 
ing tools that monitor individ- 
ual servers and notify support 





technicians when they exceed 
set resource usage levels, 
Riney said. 

With management software, 
“it’s always hard to prove ROI,” 
said Jean-Pierre Garbani, an 
analyst at Forrester Research 
Inc. Garbani said he believes 
Riney’s cost-avoidance calcu- 
lation on the new mainframe 
but noted that the batch 
process time improvement 
“sounds spectacular.” 

Nonetheless, Garbani credits 
WakeMed for its ability to use 
the systems management soft- 
ware to coordinate its entire IT 
infrastructure. “It’s one thing 
to have a bunch of information 
on systems and another thing 
to understand it,” he said. 

Riney said it took months 
for WakeMed’s IT staff to 
properly tune management 
alerts on the company’s 
servers so that technicians 
could be notified when repairs 
and fixes were necessary. 

“We've learned that man- 
agement software tools are 
complex, and there’s no way 
around it,” Riney said. 


@ 45942 





www.computerworld.com 


NEWS 





Wage Inflation Unlikely to Soon 
End India’s Offshore Dominance 


Benefits are still too attractive to unseat | 
it as outsourcing leader, experts say 





BY THOMAS HOFFMAN 
AND PATRICK THIBODEAU 

When U.S. companies look to 
move IT activities overseas to 
reduce costs, the labor savings 
in India are typically com- 
pelling enough to keep them 
from shopping around for IT 
skills in places like China or 
Eastern Europe. 

And even though wages for 
IT workers in India are ex- 
pected to rise by double-digit 
rates annually over the next 
several years, few IT sourcing 
experts expect to see a mas- 
sive shift in investment dollars 
to other countries in the fore- 
seeable future. 

One reason why U.S. com- 
panies will continue to prefer 
India is the depth of its labor 
pool, which stems from the ea- 
gerness of its citizens to ob- 
tain technical training. 


| said Christopher Fisher, head 


| grammer someday.” 





“In most of urban India, a 
computer programmer is ex- 
alted somewhat, like being a 
doctor is in the United States,” 


of corporate IT strategic plan- 
ning at Hong Kong-based 
Techtronics Industries Co. 
“Everyone wants his son or 
daughter to become a pro- 


Fisher said he’s impressed 
by the financial sacrifices that 
Indian families are willing to 
make to ensure that their chil- 
dren get a good education. 
“(This] emphasis on education 
really struck me,” he said. “It 
reminded me what [the U.S.] 
used to be about.” 

Wage pressure exists over- 
seas for people with hard-to- 
find specialized skills such as 
ERP and program manage- 





ment, said Gordon Corbon, 


executive vice president and 
chief financial officer at off- 
shore outsourcer Cognizant 
Technology Soiutions Corp. in 


India by using U.S. workers, 


person workforce, he added. 


| Gradual Migration 


Outsourcing experts don’t ex- 
pect to see demand shift away 
from India anytime soon. In- 

stead, “there will be a general 


| migration of work to other 


countries as India gets its 


| dance card filled,” said Joan 


Conway, director of managed 
services at Fujitsu Consulting 
in Calgary, Alberta. 

And that will likely take a 
while. According to the Na- 
tional Association of Software 
and Service Companies, an IT 
industry group in India, there 
are approximately 290,000 en- 
gineering degrees being 
awarded annually in India, 


with the majority of those 


| workers entering IT fields. 


Eugene M. Kublanov, vice 


| president of corporate devel- 
| Opment at NeolT Inc., a San 


Ramon, Calif.-based offshore 


| Outsourcing consultancy, said 


salary levels for Indian pro- 


| grammers are expected to 

| double by the year 2010, based | 
| Teaneck, N.J. The company can 
| make up for skills shortages in 


on a 13% compound annual 


| growth rate. Meanwhile, pro- 
| grammers in China are typi- 
| who make up 30% of its 10,000- | 
| than those in India, and a 

| growing number of North 

| American companies are look- 
| ing to China for client/server 
and Java development skills, 


cally paid 20% to 30% less 


Conway said. 
But it will be years before 


| countries like China are able 


to overcome language barriers 
and produce a sufficiently ma- 
ture set of IT workers to draw 
a significant amount of work 
away from India, said analysts. 
Techtronics’ Fisher said lan- 
guage and cultural issues in 
China make it hard to fill job 
openings there. “While the 
Chinese definitely have focus 
and immense talent, the barri- 


RAMON. CALIF 


AN 


ers are much higher for them,” z 


he said. @ 45936 





Demand for IT Contractors Rising Slowly 


BY THOMAS HOFFMAN 

As corporate revenue growth 
steadily improves this year, 
spending on new or back- 
logged IT projects is also 
expected to increase. 

But with IT staffs running 
lean following three consecu- 
tive years of cost cutting, 
many companies will look to 
domestic IT contractors to 
help supplement their project 
teams, IT executives and ana- 
lysts said last week. 

“We're seeing a little bit of 
an uptick in demand for con- 
tract labor,” said Tom Pohl- 
mann, an analyst at Forrester 
Research Inc. in Cambridge, 
Mass. Pohlmann cited a De- 
cember 2003 survey of 364 
North American IT decision- 
makers conducted by For- 
rester that found that 52% of 
respondents plan to use a 
combination of internal train- 
ing and IT contractors to help 





make up for a shortfall in IT 
skills this year. Only 22% of 


| 
| 
the respondents said they plan | 


to increase their internal IT 
staffs this year. 
Still, U.S. companies appear 


to remain tentative about 
launching into new project 
spending as they await further 


signs of an economic recovery. 


For instance, Digerati Solu- 
tions LLC, a Babylon, N-Y.- 


How will you make up for your 
shortfall of IT skill sets in 2004? 





based systems integrator, has 
noticed a rise in interest in 
new projects, but that hasn’t 
yet translated into new orders, 
said Dan Hoffman, the compa- 
ny’s president. 

“People are more encour- 
aged about the economy, but 
they’re not knocking down 
doors yet,” said Hoffman. 


Lack of Urgency 
Carl Schulz, a principal at 
Delta Corporate Services Inc., 


develop and implement a digi- 
tal-asset management system 
for managing more than 35,000 
hours of archival video footage, 
said Steve Evans, vice presi- 
dent of information systems. 
To help make upgrades to 
its servers, networks, desktops 


| and operating systems, the 


an IT consultancy in Parsippa- 


ny, NJ., concurred, noting that 
the lack of urgency to start 


new projects — along with the | 


increasing use of lower-cost 
offshore labor — has led to 
continued downward pressure 
on IT contractor fees. 

PGA Tour Inc. in Ponte Ve- 
dra Beach, Fla., is planning to 
increase its domestic IT con- 
tract spending in two areas 
this year. The professional goif 
association will tap contrac- 
tors to support IT infrastruc- 


ture improvements and to help | 


PGA Tour has brought in eight 
contract workers for a 13-week 
period and is planning to re- 
tain four of them for an addi- 
tional 13 weeks, said Evans. 
Because of its continued 
revenue growth, GE Real Es- 
tate in Stamford, Conn., hasn’t 
reduced its IT investments or 
IT staffing levels for the past 
four years, said CIO Hank 
Zupnick. Still, the company 
plans to continue to use con- 
tract workers to help supple- 
ment its own IT staff for large 
projects, he said. This includes 
the use of six full-time and two 
part-time Java contractors to 
help with the development of 
a new property management 
system, Zupnick said. @ 45934 





12 compuTeRWoRLD April, 2004 


Deputy CiO at DHS 
Resigns From Post 


Laura Callahan, deputy CIO at 


the U.S. Department of Homeland | 


Security, resigned on March 26, 
a DHS spokeswoman said last 
week. Callahan had been on paid 
administrative leave since June, 
when questions surfaced about 
her academic qualifications. 


Intel Pays $225M 
To End Patent Suit 


Intel Corp. will pay Intergraph 
Corp. $225 million to settle a 
patent dispute, the companies 
said last week. The settlement 
grants Intel a license for Inter- 
graph’s parallei instruction com- 
puting technology. Also, Madison, 
Ala.-based Intergraph said it has 
withdrawn charges against Dell 
Inc. in a related patent dispute. 


Cisco Warns Users 
About Hacking Tool 
Cisco Systems Inc. last week 
warned users about the public 
release of computer code that 
exploits security vulnerabilities 
in Cisco products. The program 
could allow hackers to compro- 
mise Catalyst switches or ma- 
chines running the Internetwork 
Operating System, the company 
said. [For more information, go 
online: QuickLink 45832.] 


Unisys Mainframe 
Allows Pay-Per-Use 


Unisys Corp. last week introduced 
a new line of ClearPath mainframe 
servers, one of which will be avail- 
able with a pay-per-use pricing 
model that will cut costs by 20% 
to 30%, the company said. The 
ClearPath Plus Libra 500 line in- 
cludes one midrange system 
based on Intel’s Gallatin multi- 
processor Xeon chip, plus two 
systems that will support either 
Xeon processors or the Unisys 
MCP CMOS processor. One of 
those two is being offered on a 
pay-per-use basis, but Unisys de- 
clined to disclose pricing. 





NEWS 


Best Buy Considers IT 
Outsourcing Options 


May hand over IT; call center operations 
as it follows path of other major retailers 





| BY CAROL SLIWA 


EST BUY CO. may join 

the collection of re- 

tailers that are opting 

to outsource a signifi- 
cant portion of their IT opera- 
tions to major technology ser- 
vices companies. 

The Richfield, Minn.-based 
retail chain last week con- 
firmed that it has been inves- 
tigating outsourcing options 
for the company’s IT and call 
center operations. 

“We're always looking for 
new ways to increase our effi- 
ciency and operations, so 
there are ongoing discussions 
with potential vendors, none 
of which we can identify at 
this point,” said Dawn Bryant, 
a spokeswoman for Best Buy. 
“There has been no letter of 
intent, much less a contract 
signed to date.” 

But it’s possible the decision 





either has been made or is im- 
minent. One retail industry in- 
sider, who asked not to be 
identified, said a Best Buy IT 
executive informed him that 
the company plans to out- 
source IT. 

The Wall Street Journal re- 


[Retailers are] 

going to take a 
look at the things 
that do not give 
them a competitive 
advantage, whether 
that be telecommu- 
nications, network- 
ing, maintenance. 


DAVID HOGAN, SENIOR VICE PRESI- 
DENT, NATIONAL RETAIL FEDERATION 





cently reported that an inter- 
nal Best Buy memo indicated 
that Accenture Ltd. is prepar- 
ing to assume management of 
some of the company’s IT ser- 
vices and telephone call cen- 
ters by June 1. The memo stat- 
ed that Best Buy anticipates 
that a significant percentage 
of IT associates will be offered 
positions with Accenture, ac- 
cording to the Journal. 

That’s what happened at 
Target Corp., a Minneapolis- 
based neighbor of Best Buy, 
when it signed a major out- 
sourcing deal with IBM Global 
Services five years ago. 

Sears, Roebuck and Co. is 
currently negotiating with 
Computer Sciences Corp. on 
an IT outsourcing deal that’s 
expected to be worth about 
$2 billion over the next 10 
years [QuickLink 45543]. The 
deal, under which CSC would 
manage much of the IT infra- 
structure at Sears, is expected 
to affect about 260 of the re- 
tailer’s 1,160 IT workers. 


www.computerworld.com 


But Sears said it expects 
CSC to hire “substantially all” 
of the affected staffers. Gary 
Kelly, CIO at Sears, said earlier 
this year that companies that 
acquire an outsourcing con- 
tract usually hire some portion 
of the customer’s IT workers. 

Kelly said he expects the 
outsourcing deal to benefit 
Sears by heightening “the sta- 
bility and reliability” of the 
company’s infrastructure and 
reducing the cost of future IT 
improvements. 

David Hogan, a senior vice 
president at the National Re- 
tail Federation in Washington, 
said the outsourcing trend 
among retailers is prevalent. 
“They’re going to take a look 
at the things that do not give 
them a competitive advantage, 
whether that be telecommuni- 
cations, networking, mainte- 
nance,” Hogan said. Best Buy 
currently employs a mix of 
about 800 in-house employees 
and a fluctuating number of 
contract workers in its IT de- 
partment, Bryant noted. 

Best Buy CIO Marc Gordon 
last month announced his res- 
ignation. Although the com- 
pany plans to replace him, 
the job responsibilities may 
change, Bryant said. @ 45930 





Fortify Launches Tools for Security 
Testing During App Development 


Product suite helps 
companies find 


and fix code flaws 


BY JAIKUMAR VIJAYAN 
Security experts have long 
maintained that secure coding 
practices make for secure 
business applications. 

To that end, Fortify Soft- 
ware Inc. in Menlo Park, Calif., 
this week will join a small 
group of vendors offering 
tools designed to help compa- 
nies identify and fix flaws in 
the application development 
stage. 

Fortify’s Source Code 
Analysis product suite in- 
cludes a developer’s tool kit, a 
source-code analysis server, 





an auditing tool and security 
functions aimed at helping 
companies unearth and fix 
flaws in C/C++ and Java code- 
based application develop- 
ment. The goal is to give com- 
panies a way to discover flaws 
in code that could lead to 
threats such as buffer over- 
flows, format string errors and 
SQL injection exploits, said 
Mike Armistead, a co-founder 
of the company. 


Analysis Feature 
The suite also includes a run- 
time analysis component that 
allows security workers to 
launch a variety of attacks 
against new applications be- 
fore they are deployed. 
Fortify’s software is “com- 





pelling because it addresses 
the root cause of today’s esca- 
lating attacks — the vulnerabil- 
ities in the software itself,” said 
Chuck Geiger, chief technology 
officer at PayPal Inc., an early 
adopter of the product. 


USCA st ees) 
ee ew VELA 


Provides source-code analy- 
sis at the developer’s desk- 
top. Price: $3,500 


UY oeey SORT) 
rele Tate Mavi (crm OMe cin mire 
Price: $50,000 





Unlike manual audits and 
code reviews that are time- 
consuming and limited in 
scope, an automated approach 
accelerates the ability to deliv- 
er secure software, according 
to Geiger. 

“We now have the ability to 
run security checks at a fre- 
quency we desire, and against 
as much of the code base as 
we desire,” he said. 

Other vendors offering such 
software include Sanctum Inc. 
in Santa Clara, Calif., which 
sells automated testing tools 
that enable quality assurance 
and audit staff to test Web ap- 
plications for security defects 
before they’re deployed. 

The software allows quality 
testers to create customized 
scripts for testing, comparing 
and validating potential secu- 
rity defects in applications. 
SPI Dynamics Inc., KaVaDo 
Inc. and Cenzic Inc. offer simi- 
lar tools. @ 45935 





www.computerworld.com 


SAS Upgrade Offers New Tools for IT 


Aims to ease management of data marts 





BY CRAIG STEDMAN 

CARY, N.C 

IT managers and SAS users 
don’t always see eye to eye. 
But SAS Institute Inc. last 
week released an upgrade of 
its data analysis software that 
includes new features de- 
signed to make it easier for IT 
departments to set up and 
centrally manage data marts 
for users of the tools. 

The SAS 9 software became 
available almost exactly a year 
to the day from when the com- 
pany detailed its plans for the 
upgrade, saying then thatthe | 
new version would be ready 
by the end of 2003 [QuickLink 
37503]. SAS 9 also adds other 
enhancements, such as multi- 
threading support to boost 
performance and less-complex 
user interfaces aimed at mak- 
ing the software more accessi- 
ble to users who aren’t statisti- 
cians or data mining experts. 

Catalina Marketing Corp., a 
marketing services company 
in St. Petersburg, Fla., has had 
small groups of SAS users for 
10 years or so. But Catalina in- 
creased its commitment to 
SAS about 15 months ago and 





hopes to use the software to 


Continued from page I 
ITAA Report 


But the report’s conclusion 
in support of offshore out- 
sourcing drew much skepti- 
cism. Richard Ellis, the princi- 
pal researcher on an IT work- 
force report completed for the 
Commission on Professionals 
in Science and Technology 
last fall, said the Arlington, 
Va.-based ITAA “has been a 
consistent mouthpiece for the 
industry” and its studies “have 
a consistent tendency to reach 
predictable conclusions.” 

John Steadman, president of 
the Institute of Electrical and 
Electronics Engineers-USA, 





said the report assumes that 
the savings from offshore out- 
sourcing will be used to create 


consolidate a large portion of 
the business intelligence point 
products that are now used 
within the company, said Kelly 
Carrigan, its senior director of 
database architecture. 

“SAS lets you consolidate, 
but it requires that IT folks 
and the advanced users work 
together,” he said. “There has 
to be mutual respect for each 
other’s contributions.” 

To foster cooperation and 
coordination between IT and 
the data analysts and data 
mining specialists who cur- 
rently use the SAS tools, 
Catalina set up an internal 
SAS user group that meets bi- 
weekly. The company also cre- 





NEWS 


ated an intranet site with a set 


| of FAQs about the SAS appli- 
| cations and ran a “SAS educa- 


tion boot camp” for a group of 
about 20 IT staffers and end 
users, Carrigan said. The boot 
camp involved 10 days of 
training classes over a three- 


| month period, with help from 


a SAS instructor, he added. 
For IT managers, the up- 
grade provides improved data 
cleansing tools and a common 
metadata repository for ensur- 
ing that information is consis- 
tent across different systems. 
The new Web-based user in- 


| terfaces also let IT depart- 
| ments support the software in 
| thin-client mode, SAS said. 


In the past, SAS was often 


adopted by power users “who 


More Data Analysis News 


BUSINESS OBJECTS SA this week will ship upgraded integration tools, 
with added data-cleansing capabilities and the ability to store Crystal 
Reports documents in data marts for detailed analysis. 


GENALYTICS INC. this week plans to announce an upgrade of its 
business analysis software, which is aimed at the financial services, 
telecommunications and insurance industries. 


INFORMATION BUILDERS INC. last week announced a Web-based 
query and reporting tool designed for end users who aren't data analysis 


specialists. 


new jobs in the U.S. And it’s 
“not absolutely clear that will 
happen,” he said, adding that 


- | companies can “invest over- 


seas, and the new jobs get cre- 
ated elsewhere and do not 
help U.S. workers.” 

The economists who con- 
ducted the research said histo- 
ry has demonstrated that free 
trade raises the standard of 
living in the U.S. 

Lawrence Klein, one of the 
report’s authors and a 1980 
Nobel Laureate in economics, 
said that when the U.S. stopped 
making TV sets, “people 
thought that was a disaster.” 
But those workers moved on 
to other jobs, he said. 

“The American way has al- 
ways been to move to higher 
value-added,” meaning better- 
paying work, Klein said. 





The economy will experi- 
ence more growth with off- 
shore development than with- 


| Out it, the report concludes. IT 


employment will grow over 
the next five years, adding 
516,000 jobs in the software 
and services sector. But 
272,000 of those jobs will go 
offshore, with 244,000 remain- 
ing in the U.S. 


White-Collar Losses 

The offshoring of high-paying 
white-collar jobs has raised 
particular concern. When 
overseas manufacturing led 
to the loss of textile jobs, 
there was a shift in the U.S. 
to more productive, higher- 
paying jobs, according to Lee 
Price, research director at 
the Washington-based Eco- 
nomic Policy Institute. But 


but it requires that 


" vanced users work 
| together. There has 


' ten circumvented IT” to get at 


| said Wayne Eckerson, an ana- 








SAS lets you 
consolidate, 


IT folks and the ad- 


to be mutuai respect. 


eee eres eeesessessseseseseseees 


KELLY CARRIGAN, SENIOR DIREC 


| TOR OF DATABASE ARCHITECTURE, 


CATALINA MARKETING CORP. 


13 


COMPUTERWORLD April 5, 2004 


analyst at KeySpan. The mar- 
keting analysts can make 


| changes to the data marts as 


long as they notify IT, DeMat- 


| teo noted. 


“If you don’t have that com- 
munication going back and 


| forth, [a SAS installation] is 
| going to be a failure,” he said. 
| “There’s no doubt in my mind.” 


Prasanna Dhore, executive 


vice president of marketing, 


e-commerce and CRM at 
Dreyfus Service Corp., said 
the New York-based mutual 
funds firm has a clear division 
of labor on its SAS setup: IT 


| extracts information into data 


| marts, and statisticians focus 


wanted access to data and of- 
the information they needed, 


lyst at The Data Warehousing 
Institute in Seattle. But SAS 9 
looks to be a more IT-friendly 
offering, Eckerson said. 
Michael DeMatteo, manager 
of market intelligence and 
planning at KeySpan Corp. in 
Brooklyn, N-Y., said his group 
of SAS users is in contact on a 
daily basis with the gas utility’s 
IT department. IT staffers 
maintain a set of data marts for | 


| the marketing analysts, a big 


improvement from the days 


| when the SAS users “collected 


‘shoebox’ data sets that some- 


| one stuck on a disk,” said 
| Michael Augustine, a senior 


“the opposite is happening 
[with] computer software off- 
shoring,” he said. 

“This trend to offshore 
productive jobs in the U.S. 
economy is making us less 
productive and not stimulat- 
ing the economy,” said Price. 
“We are giving up some of the 
most productive jobs in our 
economy.” 

Gauging the impact of off- 
shore development on IT 
wages in the U.S. can be diffi- 
cult in view of the economic 
downturn. Bob Moore, a Los 
Angeles-based high-tech re- 
cruiter, said programming jobs 
that were paying $90,000 to 
$100,000 before the downturn 
are now paying $70,000 to 
$80,000. But he said it’s un- 
clear how much of that should 
be attributed to the weak 


on analyzing it. “There’s no 


| stepping on toes,” Dhore said. 


“I mean, I can make a good 


| cup of coffee. But is that a 


good use of my time?” 
Dreyfus also wants to make 


sure that the data analysts are 


working with information that 


| comes from its central data 

| warehouse, Dhore added. 

| “That’s the only corporate 

| memory we have, and if you 

| have renegade systems here or 


there, how can you control 


those things?” @ 45904 


READ MORE ONLINE 


SAS hopes to use SAS 9 to compete 

head-on with busines vendors 

like Business Objects and Cognos: 
QuickLink 45897 
www.computerworld.com 


economy vs. offshoring. 
Nate Viall, a Des Moines- 


| based recruiter who special- 
izes in finding candidates for 

| IBM iSeries application devel- 

| opment, said in his latest quar- 

| terly study, which was re- 

| leased last week, salaries for 

| managers in that niche were 

| up 4.4% from 2003. The aver- 


age salary was $89,200. 

He said these developers 
have fared well because they 
specialize in a system that’s in 


| wide use with small and mid- 


size businesses that aren’t do- 


| ing a lot of offshoring. 


But Viall expressed concern 
that displaced workers may be 
inclined to retrain for iSeries 
development and in turn drive 
down wages for his recruits. 
“Tt could have that potential,” 
he said. @ 45933 





COMPUTERWORLD Apri 5, 2004 


Gluecode Customizes Open-Source Apps 


BY TODD R. WEISS 


nounced a business automation server IBM’s WebSphere. 


package that it’s positioning as an 


| open-source alternative to proprietary 
Gluecode Software last week an- | enterprise portal products such as 


Gluecode Enterprise Server 3.5 com- 





Hip BROCADE 


Baa 
WHAT 


(2) eine At Ce 2 ela erro) ey. 


Nitoh alm e) Mol mu Mohit 
solutions for your Storage 
Area Network. Plan now to 
attend the industry’s leading 
storage networking conference. 


Exchange information and network 
TALL Ae) emt hte ae ol -1 a 


at Xetamo Hie Sai b Meee ieekaol- (wb Cd he 
ST RM eee alee Ser heme Uy 
industry providers discussing today’s 
hot topics 


Attend technical breakout tracks, 
tutorials, and hands-on labs covering 
SAN design and implementation, SAN 
management and security, as well 

Ore y UMP airtel mela i hat ag 

and evolution 


Get certified with a complimentary 
Tatra teed 


eta eu oh Sy UN 
technologies in the expanded SAN 
Solutions Center 


n/conterence2 


Register Early and Save $200! 


Early bird registration just $695 - a $200 savings! 
Early bird registration ends April 20 


Brocade 
a Conference 





| bines business process management, 


security management and an enter- 
prise portal in an integrated suite, us- 
ing open-source applications from the 
Apache Software Foundation. Pricing 
starts at $4,000 per month, regardless 
of the number of servers or users. 

Los Angeles-based Gluecode takes 
the base Apache applications, creates 
connecting code to customize them 
based on user require- 


in a package that includes 
support and a software 


ments and sells the bundle & The 


warranty. can be held 


Apache open-source 
projects include the 


Apache Web server; the = gnbelievers. 


Jetspeed enterprise infor- 


development framework; 

and Ant, a Java-based building tool. 
There are also open-source Apache 
projects under way for Web services, 
component programming, and enter- 
prise mail and news servers. 

Mike Hogarth, an assistant professor 
at the School of Medicine at the Uni- 
versity of California, Davis, and a lead 
informaticist at its Center for Biopho- 
tonics, is using Gluecode’s Advanced 
Server application in a test environ- 
ment to replace a custom portal appli- 





Se ereeeeccscesseesesesess 


mation portal; Cocoon,a —_7,¢H ROTH. BUSINESS 
; component-based Web MANAGER, AT&T WIRELESS 


www.computerworld.com 


cation created by the school in 1997. 
The old application had become a 

maintenance nightmare,” he said, and 
instead of reworking it, Hogarth decid- 
ed to try Gluecode. “It was built exact- 
ly the way I would want to build my 
next one,” he said. 

Proprietary portals would have had 
“feature overkill” and been too pricey 
for his 4,500 users, Hogarth said. 

Zach Roth, a business manager at 
AT&T Wireless Services Inc. in Red- 
mond, Wash., said he’s evaluating 

Gluecode’s portal and 
business process manage- 
ment engine to automate 


vendor some first-tier internal 


support in his department. 
“Open-source hasn’t 


accountable for been well received through- 


out the enterprise tradition- 
ally,” Roth said. “Those bat- 
tles are still being fought. 

“Out of the box, [most 
open-source applications] 
are not going to meet your needs 
100%,” he said, adding that with Glue- 
code’s model, “the vendor can be held 
accountable for nonbelievers.” 

Greg Stein, chairman of the Apache 
Software Foundation, said his group 
encourages companies like Gluecode 
to take open-source applications and 
use them to create their own products. 
“We're very supportive of it,” he said. 
“That’s totally fine. That’s our basic 
philosophy.” @ 45861 





Gates Suggests 2006 for Longhorn 


Release of alpha version 
expected later this year 





BY JORIS EVERS 
Microsoft Corp. Chairman Bill Gates 
last week suggested 2006 as the release 
year for the next version of Windows, 
code-named Longhorn. 

Speaking at Gartner Inc.’s Sympo- 
sium/ITxpo event in San Diego, Gates 
stopped short of actually setting a dead- 
line for Longhorn but said industry 
speculation that the operating system 
will come out in 2006 is “probably valid.” 

Gates also said that Microsoft will 
release an alpha version of Longhorn 
later this year. He didn’t mention the 
first beta version, which Microsoft pre- 
viously said it would deliver in 2004. A 
beta is further along in the software de- 
velopment cycle than an alpha. “We 
will have an alpha release out this year 
that everybody can look at,” Gates said. 

A Microsoft spokesman said the al- 
pha version will be made available to 


software developers, but exactly how 
the company will distribute the soft- 
ware is yet to be decided. 

At its Windows Engineering Hard- 
ware Conference last May, Microsoft 
said it would deliver Longhorn in 2005, 
but it later backed away from that com- 
mitment. Company executives have 
since declined to specify a release year 
for Longhorn, which Gates called a “big 
breakthrough release” for Microsoft. 

Gates cautioned that the schedule 
for Longhorn is fluid. “Longhorn is not 
a date-driven release,” he said. There 
are a lot of technological “must haves” 
for Longhorn, and those could hold 
back a release if they aren’t completed 
on time, Gates added. 

Software developers have already 
had a first look at Longhorn. Microsoft 
released a special preview version of 
the software at its Professional Devel- 
opers Conference last October [Quick- 
Link 42413]. @ 45860 








i Evers writes for the IDG News Service. 





www.computerworld.com 


NEWS 


IBM Seeks Knockout Blow in SCO Case 


Appears confident of no infringement 





BY ROBERT MCMILLAN 

A recent court filing by IBM 
demonstrates the company’s 
growing conviction that it will 
prevail in its legal dispute with 
The SCO Group Inc., accord- 
ing to lawyers following 

the case. 

In an amended counter- 
claim to SCO’s lawsuit filed 
March 26, IBM asked the U.S. 
District Court for the District 
of Utah to enter a declaratory 
judgment in its favor. IBM 
asked the court to rule that it 
hasn’t infringed on SCO’s 
copyright and hasn’t breached 
its contractual obligations to 
SCO. The filing further asks 
the court to rule that Lindon, 


Utah-based SCO, which was at 


| one time a Linux vendor, can’t 


impose restrictions on the 


| software that it previously dis- 
| tributed under Linux’s open- 
| source software license. 


By seeking a declaratory 


| judgment, IBM appears to be 


indicating that it has conduct- 
ed an internal analysis of 


| SCO’s claims and found them 
to be without merit, said Jeff 


Norman, an intellectual prop- 
erty partner at Chicago-based 
law firm Kirkland & Ellis LLP. 


| A judge could issue a judg- 
} ment as soon as the discovery 


process is over and before the 
case goes to trial. 
“Tt just means that they 


didn’t find any smoking gun. 
If they had found something 
really bad, they probably 
would have gone to SCO 
and talked settlement,” Nor- 
man said. 

It would be typical in a case 
like this for IBM to conduct 
an internal investigation to 
determine whether any of 
SCO’s claims were true, 
Norman said. Such an investi- 


| gation would involve inter- 

| viewing and reviewing e-mail 
| and code contributions from 
| IBM’s Linux programmers, 

| he added. 


IBM has over 7,500 employ- 


| ees involved in various as- 

| pects of its Linux efforts, in- 

| cluding more than 600 devel- 

| opers who work in the compa- 
| ny’s Linux Technology Center. 


| SCO is talking 


Jeffrey Neuberger, a partner 
at Brown Raysman Millstein 
Felder & Steiner LLP in New 
York, said he agrees that the 
filing appears to show grow- 
ing confidence on 
the part of IBM. 

“They’re saying 
to the judge, ‘We 
don’t know what 


visit our Web site 
© QuickLink 23260 
www.computerworld.com 


about; there is no 
infringement,’ ” he 
said. “They must feel very 
comfortable that there’s no 
infringement.” 

Because IBM's filing seeks 
the broad judgment that IBM 
hasn't infringed on “any valid 
or enforceable copyright 


| owned by SCO,” a declaratory 


judgment in its favor would 
prevent SCO from bringing up 


ONLINE ARCHIVE. 


COMPUTERWORLD April 5, 2004 


new copyright claims later in 
the trial and would have a dev- 
astating impact on SCO’s case, 
Neuberger said. 

“If the judge comes out and 
says there is no copyright in- 
fringement, then essentially 
there is nothing else to fight 
over. It would be 
the knockout blow 
to SCO’s case,” he 
said. How much 
longer IBM and 
SCO will continue 
with the discovery 
stage of the case 
remains unclear. In a compli- 
cated case, the discovery 
process can last for years, 
Neuberger said. 

IBM and SCO declined to 
comment on the court filing. 


@ 45876 


McMillan writes for the IDG 
News Service. 


Thankfully that cost is low with the new Firebox® X - the integrated, expandable network 
security appliance that delivers the highest security at the lowest total cost of ownership. 


a a 


' cy 


Help the CEO ‘CY. 


Mig bd bd bd bd bd id 


www.watchguard.com 


1-877-732-8780 


WatchGuard 


Firebox x 


The Security You Really Need.” Wetcndeaee 





16 compurenwort Apri 5, 2005 


OPINION 





MARYFRAN JOHNSON 


Show of Hands 


AISE YOUR HAND if you're tired of the 
perpetual debate about how important 
the CIO role is to the business. (I’m 
picturing a veritable sea of hands out 
there.) I know I’m beyond bored with 


discussions about who’s 
got a “seat at the table” 
and who doesn’t. I don’t 
care if the CIO reports to 
the chief executive or to 
the CFO. And I’ve lost all 
interest in whether the 
top IT exec rose up 
through the programmer 
ranks or hopped a cubi- 
cle wall from the busi- 
ness side. 

What’s far more inter- 
esting are the ramifica- 
tions of the expanding responsibili- 
ties of CIOs and other IT leaders. 
Across many industries, they’re 
playing key roles in business proc- 
ess analysis, change management, 
regulatory compliance, product de- 
velopment and business project 
management. The evidence is most- 
ly anecdotal, but it’s a lot more com- 
pelling — and believable — than 
some survey or analyst report. 

Today’s CIO is just as likely to be 
involved in merger and acquisition 
discussions and new-product devel- 
opment meetings as the CFO or 
COO, says John Moon, CIO at Bax- 
ter International and one of the ex- 
ecutives profiled in our story “The 
Wide-Ranging CIO” (page 31, and at 
QuickLink 45635). National corre- 
spondent Julia King talked with 
some two-dozen CIOs and found a 
lot of them wandering outside the 
traditional boundaries of IT. 

For example, at $13 billion Hu- 
mana, CIO Bruce Goodman steps 
into a sales role when pitching in- 
vestment analysts about IT’s en- 
abling role in the changing health 
care business. At The Burlington 
Northern and Santa Fe Railway, CIO 
Jeff Campbell is helping to re-engi- 
neer how the railroad moves freight 





across 33,000 miles of 
track. In the future, he 
predicts, “IT leaders 
will be well-respected, 
well-grounded business 
people who happen to 
have a second discipline 
called technology.” 

This shift in roles and 
responsibilities isn’t lim- 
ited to CIOs at large en- 
terprises, either. Even at 
smaller companies like 
Computerworld (which 

is a business unit within $2.3 billion 
parent company IDG), our CIO, Rick 
Broughton, runs the IT operation, 
sits on corporatewide technology 
committees and serves as vice presi- 
dent of our fastest-growing business, 
Computerworld.com. He even copes 
quite graciously with a user base of 
high-maintenance journalists. 

“The role of CIOs and other IT 
executives is changing (or should be 
changing) in many organizations to 





reflect our increasing reliance upon 
digital information for business pur- 
poses and for transactions that have 
profound legal and regulatory rami- 
fications,” say Randolph Kahn and 
Barclay T. Blair in their new book, 
Information Nation: Seven Keys to 
Information Management Compli- 
ance (AIIM, 2004). They argue 
convincingly that the job of manag- 
ing information has irrevocably 
changed, sitting as it does now at 
the confluence of law, technology 
and business practices. 

Whatever their backgrounds, it’s 
clear that top IT execs must juggle 
more complex, diverse and highly 
scrutinized tasks than any other cor- 
porate officers in history. Their 
roles now touch suppliers, cus- 
tomers and relationships across 
multiple corporate functions. For 
some, this will end up as multitask- 
ing run amok, spinning off pieces of 
the CIO job as it becomes too much 
for one person to handle. We've al- 
ready seen the rise of chief informa- 
tion security officers and the resur- 
gence of chief privacy officers. Up 
next will surely be chief process of- 
ficers and chief compliance officers. 

Raise your hand if you’re ready to 
rise to the occasion. @ 45893 





mf iith 
KY 
ye 
ae i 
SUNN 
) 


* , 
In 





www.computerworld.com 


PIMM FOX 


Security’s 
Weakest Link 


RECENTLY REPORTED 

security breach involv- 

ing BJ’s Wholesale 
Club Inc. has the Natick, 
Mass.-based retailer working 


with credit card companies 
to figure out just how many of its 

8 million members had their credit 
card information compromised 
[QuickLink 45612]. 

The company says it has ruled out a 
centralized security breach. 

So, what might have happened? 

Mike Higgins, an adjunct professor 
in the graduate information security 
management program at George Wash- 
ington University in Washington, says 
that whenever data is moved from a 
Web application server to a processing 
server, there’s a chance that a flaw 
could allow someone to gain access to 
the raw data. 

The process in- 
volves scanning for 
the first four digits of 
credit cards (a limit- 
ed sample, since 
those digits identify 
the issuer), and 
presto: You start 
downloading the 
names and numbers 
of hapless con- 
sumers. Depending 
on how often the 
processing server does its job, the 
numbers could be held in there for 
minutes or hours. 

Higgins, who has also worked for the 
Defense Department, says that when a 
transaction takes place, the data could 
be handled in two ways. “The least de- 
sirable is when the application server 
opens an avenue or connection with 
the processing server,” he says. 

Call that a connection from the out- 
side to the inside. 

The preferable transaction method 
is from the inside to the outside. In this 
case, the processing server makes a 
query to the application server using a 
Secure Sockets Layer handshake or 
some proprietary technology. 

Usually this involves a database ap- 
plication, since it’s processing the 
query and then moving it to the back- 
end channel. This can involve all or 
part of the data. 














AT&T VIRTUAL PRIVATE NETWORKS. Can your network play well with others? Can it share information with 
customers across the country? Or communicate with employees across the globe? AT&T designs, implements 
and manages Virtual Private Networks that make it easy to share all your business-critical applications over 


the Internet. They even allow you to evolve your networks at your own pace, while delivering reliable, 


consistent and, most importantly, secure performance. So your door will always be open for the people you 


do business with. And slammed shut for the ones you don’t. CAN YOUR NETWORK DO THIS? 


ail 1-888-889-0234 


5 


world’s networking company 








Business players are scattered 
across the globe and AT&T is 
uniquely positioned to offer 
the most comprehensive set of 
network- and premises-based 
Virtual Private Network (VPN) 
solutions to help keep your 
clients, suppliers, business 
partners and remote workers 
connected. Now that’s bringing 
the world of business together. 


AT&T’s VPN Portfolio includes: 


© Global implementations that 
heip your business expand. 


e Network resiliency with 
class of service capabilities 
supported by industry-leading 
service level agreements (SLAs). 


e Leading-edge network 
architectures for united 
connections with a variety 
of access options available. 


¢ Secured networking with 
privacy, encryption and 
authentication capabilities. 


© Management continuum 
ranging from a 
customer-managed to an 
AT&T managed solution, 
including proactive network 


monitoring and management. 


For more information, contact your AT&T 


AT&T VPN Portfolio offers a comprehensive suite of global network- and 

premises-based implementations that range from individual components to 
tailored end-to-erid solutions supporting the advanced application needs of 
today’s enterprises — extending to critical members of your SCM, CRM and 


ERP business models. 


AT&T Network-based VPNs utilize Multiprotocol Label Switching (MPLS), 
an advanced IP routing technology, to provide globally consistent networking 
environments designed to provide the flexibility of distributed communications 


with traffic prioritization through classes of service. 


AT&T Premises-based VPNs are delivered by adding intelligent devices to 
the customer premises over either tne AT&T Global IP Network, for users 
requiring a high performing network, or the Internet, for users requiring 
ubiquitous access with extended reach. AT&T offers multiple tunneling 
options, including IP Security (IPSec) and Secure Sockets Layer (SSL), 
allowing you to tailor your premises-based solution to meet your 


networking requirements. 


“Customers feel safe with AT&T. That is a very rare accolade indeed, 
given the trauma of operating in the global telecoms environment in 
recent times.”— Janet Watkin, Telemark Consulting UK 


In a recent Telemark Consulting UK poll, AT&T’s IP VPN Services were 
rated, “Excellent” by network managers worldwide. 


According to Forrester Research, AT&T is the best in the VPN business 
with a future-proof global VPN architecture. — Choosing The Right VPN, 
Forrester Research, lnc., March 2003 


IDC Rated AT&T top of all U.S. IP VPN managed carriers for market 
share and market leadership. 


Afst 


Representative, or visit www.att.com/networking. 





www.computerworld.com 


So once the query has been moved to 
the back-end channel, your customer 
might receive an e-mail confirmation 
along with real-time order processing. 

Straightforward, right? 

But when did you last test the effica- 
cy of the transaction process? Just en- 
ter a wrong credit card number and 
monitor how long it takes a customer 
service rep to alert you that the infor- 
mation is incorrect. 

Visa International has come up 
with another technology solution to 
the problem of credit card number 
exposure. Its IT division, Inovant LLC 
in San Francisco, has tackled the po- 
tential for credit card hacking with a 
secure real-time architecture. The 
technology is a requirement for Visa 
merchants. 

And it’s easy to check who's in com- 
pliance. 

If only the last four digits of a credit 
card number are visible on a receipt, 
then the merchant is using the secure 
system. Cash-register companies have 
developed compliant registers, and 
there’s an analog fail-over to make a se- 
cure connection if the primary one fails. 

So there’s no excuse for a large com- 
pany to be putting customers’ credit 
card information at risk. The solutions 


exist, but they need to be used. @ 45825 


MICHAEL GARTENBERG 


Perfect Storm 


Brewing for 
Microsoft? 
HERE’S NO DOUBT 

in anyone’s mind that 

Microsoft firmly con- 

trols the PC desktop market 


for business and consumer 


users, but a potential perfect 
storm is brewing. It could allow com- 
petitors to turn the tide against the 
software maker for the first time if 
Microsoft doesn’t take action. 

This storm could result from the 
convergence of three troubled fronts. 
First, Microsoft’s next-generation Win- 
dows product, code-named Longhorn, 
isn’t due for release until 2006 by the 
most optimistic projections, and some 
Microsoft watchers put it as late as 
2008. That means the company will 
have gone at least five years without a 
major release of its flagship product, 
the one that brings in the cash. 

Microsoft touts Longhorn as revolu- 


OPINION 


tionary and says it will 

make Windows XP look as 
pale as Windows XP made 
Windows 98 look. All well 


| and good, except for one 
| thing: A good deal of the 


market never made the leap 
to Windows XP. That’s 


| amazing when you consider 


that Windows XP is proba- 
bly the best operating sys- 
tem Microsoft has ever re- 
leased, whereas Windows 
98 was one of the worst. 
That stall in the market — a 
large number of customers 
holding on to old operating 
systems such as Windows 
95, 98, NT and 2000 — is 
combining with the delays 
for Longhorn to put Micro- 
soft at potential risk. 

A stalled user base is perilous, espe- 
cially when users are sticking with a 
product as poor as Windows 98. That 
means they’re saddled with lousy per- 
formance, unreliable systems and un- 
secured ones as well. The second trou- 
bled front that Microsoft faces con- 
cerns a market that’s starting to look 
for alternatives. 

For example, 30% of 349 small and 


midsize business users re- 
cently surveyed by Jupiter 
Research said they are 
looking at Linux on the 
desktop. While most of 
those businesses can’t 
make the economic leap to 
migrate today, that situa- 
tion could change over a 
short period of time. As in- 
terest from users grows, so 
does interest from OEMs 
and independent software 


feedback loop that could be 
damaging for Microsoft. 
So, why is Microsoft in 
this position? It’s not about 
bad product, but rather 
poor marketing and evan- 
gelism, the third troubled 
pee front. Let’s face it: If you 
can’t show the market value of Win- 
dows XP over prior efforts, you’re not 
doing an effective marketing job. Mi- 
crosoft’s only hope is to relaunch and 
reinvigorate XP quickly, making sure 
that existing XP customers migrate to 
Service Pack 2 and getting the majority 
of the customer base to migrate before 
| 2006. That’s going to mean some effec- 
| tive marketing, not the fluffy, touchy- 


| 
| 


| 
| 
| 


COMPUTERWORLD April 5, 2005 17 


feely stuff we’ve gotten recently (or, 
worse, something like those inane 


| Microsoft Office commercials, which 


make me cringe whenever I see them). 


| It’s time for Microsoft to start showing 


| what customers can do with their 
| products and how they can improve 
| their businesses and their lives. 


This is a huge opportunity for Mi- 


| crosoft’s competitors and customers. 


The competitors can use this as an op- 
portunity to close the gap before Red- 


| mond gets its act together. IT depart- 
vendors, creating a positive | 


ments should use the time to evaluate 
all their options for the desktop. While 
most will be well served by going to 


| XP, some will benefit from looking at 
| other options, if for no other reason 
| than to compare and justify costs. 


It’s time to get users off old Win- 


| dows versions for security and reliabil- 


ity reasons, and if Microsoft doesn’t 


| step up to the plate quickly, someone 
| else will. Like nature, the IT industry 
| abhors a vacuum. The market simply 
| won't stand still until 2008, or whenev- 


er Longhorn ships. @ 45641 


WANT OUR OPINION? 


More columnists and links to archives of previous 
columns are on our Web site: 
www.computerworld.com/columns 








Boomers to Linger 


| T’S VERY DOUBTFUL that a mass 
exodus of baby boomers will oc- 
cur as soon as they're eligible for 
retirement (“Stay Just a Little Bit 
Longer,” QuickLink 44897]. There 
are two reasons for this. First, a 
large percentage of the IT world is 
composed of workaholics who 
wouldn't know what to do with 
themselves if they retired. Second, 
many people have spent them- 
selves into lifestyles they couldn't 
afford if they retired. It's going to be 
just as large a problem to retain the 
talented workers who are frustrated 
waiting to advance into positions 
held by those who should retire. 
Andrew Creed 

Duluth, Ga. 


RFID Credit Risk 


AY CLINE’S ARTICLE “The RFID | 


Privacy Scare Is Overblown” 
[QuickLink 44795] was mostly on 
target. Where he and | diverge is 
RFID-enhanced credit cards. | real- 
ize that there are risks with handing 
my credit card to a restaurant em- 





ployee or using it with a Web-based 
vendor, but those are risks | choose 
to assume. | most likely would know 
the source of a credit “leak” in that 


| case. Not so if my credit card has an 


RFID tag. 

Nothing would prevent someone 
from developing a portable device 
that could read the values on the 
cards in my pocket. A talented thief 
with such a device could easily har- 
vest thousands of credit cards dur- 
ing the Christmas season. 


Gary Rimar 


| Owner, Dynamic Solutions, 


Bloomfield Hills, Mich., 
me@garyrimar.com 


| Offshoring Makes 


False Assumptions 


DON’T UNDERSTAND the call by 

the proponents of offshoring for 
Americans to become better edu- 
cated. India, China and Eastern 
Europe can keep up with us on 
the educational front. What they 
have is the ability to undercut our 
labor costs. 

Truly, for America to compete, as 





Dan Gillmor says, lower expecta- 
tions are required (“Offshoring and 
Lowered Expectations,” QuickLink 


| 45077]. Can a highly educated 


American ever accept $10 an hour? 
Gary L. Sampson 

Blackwood, N.J., 
daysofnoah@comcast.net 


LEXANDER Katsenelin- 
boigen asks us to “imagine 

that a programmer in india writes a 
program so useful that it creates 
thousands of jobs for developers in 
the U.S. to adopt, support and en- 
hance its functionality” [“The Pecu- 
liar Nature of Software,” QuickLink 
44937]. But even if this imaginary 
situation occurred, only a small 
fraction of U.S. IT job losses might 
be offset. In general, the authors of 
most opinion pieces on offshore 
outsourcing say one of four things: 

1. Poor education is the cause of 
outsourcing, and better education in 
new skills is the answer. (What are 
these magical skills that can’t be 
done cheaner in another country?) 

2. Mainly low-level jobs, like 
coding and debugging, are being 
outsourced. (In small and medium- 





size shops, well-paid developers do 


| the coding and debugging them- 


selves, and they spend most of their 
time doing those “low-level” jobs.) 

3. Outsourcing allows business- 
es to sell their products more 
cheaply to U.S. consumers. (But 
aren't at least some of these con- 
sumers the workers whose jobs 
have gone overseas?) 

4. What's good for business 


| is good for us all. (Read Sinclair 


Lewis.) 

Mike Bergman 
SAP team leader, 
Downers Grove, Ill. 


COMPUTERWORLD weicomes 
comments from its readers. Letters 
will be edited for brevity and clarity. 
They should be addressed to Jamie 
Eckle, letters editor, Computerworld, 
PO Box 9171, 500 Old Connecticut 
Path, Framingham, Mass. 01701 
Fax: (508) 879-4843. 
E-mail: letters@computerworld.com. 
Include an address and phone num- 
ber for immediate verification. 

For more letters on these and 


other topics, go to 
www.computerworld. 





ROBUST OBJECTS 
AND ROBUST SOL 


a a 


. 3 12s eR aoe 


A BETTER DBMS 


For your next generation of applications, move 
to the next generation of database technology. 

Caché is the post-relational database that com- 
bines high-performance SQL for faster queries and 
an advanced object database for rapidly storing 
and accessing objects. With Caché, no mapping 
is required between object and relational views of 
data. That means huge savings in both development 
and processing time. 

Applications built on Caché are massively scala- 
ble and lightning-fast. Plus, they require minimal or 
no database administration. 

More than just a database system, Caché incor- 
porates a powerful Web application development 


environment that dramatically reduces the time to 
build and modify applications. 

The reliability of Caché is proven every day in 
“life-or-death” applications at thousands of the world’s 
largest hospitals. Caché is so reliable, it’s the leading 
database in healthcare — and it powers enterprise appli- 
cations in financial services, government and many 
other sectors. 

We are InterSystems, a specialist in data manage- 
ment technology for twenty-five years. We provide 
24x7 support to four million users in 88 countries. 
Caché is available for Windows, OpenVMS, Linux and 
major UNIX platforms — and it is deployed on systems 
ranging from two to over 10,000 simultaneous users. 


InterSystems » 


E.. CACHE 


Make Applications Faster 


Try a better database. For free. 


Download a free, fully-functional, non-expiring version of Caché or request it on CD at www. InterSystems.com/robust 


Jems Corporation 








Data Finds a Place On the Grid 


Interest is growing in grid technology as a 
means of sharing data within an enterprise and 
outside it. But vendor support is just beginning 
to emerge, and standards are still evolving, 
say researchers such as Ian Foster (right) of 
Argonne National Laboratory. Page 22 


04.05.04 





SECURITY MANAGER'S JOURNAL 
Cheap Scanning Comes at a Price 


OPINION ; 
Pick Your Outsourcing 


Using Nessus software for port scans Perspective 


helps the budget, but the freeware’s 
inadequate reporting and management 
capabilities send Mathias Thurman 


looking for alternatives. Page 28 


; 


') ‘AY 
By Alan R. Earls 
OW MUCH is an organiza- 
tion’s reputation worth? 
Just consider the fate of 
Martha Stewart’s company 
since its founder has been 
in legal hot water — stock 
prices battered, consumers on the run 
and no place to lie low until the scan- 
dal fades from public memory. 

While Martha Stewart Living Omni- 
media’s fate offers an extreme example 
of a spoiled corporate reputation, dam- 
age can also come more subtly. In the 
Internet Age, companies are learning 
that they must be more alert than ever 
to what customers, shareholders, regu- 
lators and the media think about them 

— and what they say about them. 

“Reputation management is one of 
the most important components of a 
successful PR department, but it is also 
one of our greatest challenges,” says 
Dan Miller, public relations manager 
at PacifiCare Health Systems Inc., a 
health care provider in Cypress, Calif. 
Miller says his five-person department 
has struggled to find the time to ade- 
quately assess what’s going on in the 
industry and has relied on an outside 
consulting firm to perform a manual 
analysis of what’s being said about 
PacifiCare in print and on the Web. 

But things are changing. Today, rep- 
utation management is increasingly 
the focus of new technologies and 
techniques, ranging from human-aided 
Web searches to advanced analytical 
software running on enormous server 





Paul A. Strassmann says 
calculating the value of out- 
sourcing can depend on how 


you look at it. Page 30 


farms dedicated to teasing trends and 
shades of meaning from millions of 
Web pages. PacifiCare now tracks its 
reputation using software delivered as 
a service from Biz360 Inc. that mines 
millions of Web pages for information 
about the company and the context in 
which it’s presented. 

Even with the best technology, pro- 
tecting and strengthening a corporate 
reputation is no small task, in large part 
because the Web has empowered peo- 
ple to communicate more freely and 


| openly than ever before — sometimes 


blindsiding businesses that thought 


| they were sitting on top of the world. 


As a matter of fact, reputation man- 
agement has two current meanings. 
From the consumer’s point of view, 
reputation management consists of 
those consumers who, on their own ini- 
tiative, share their impressions of an or- 


| ganization or person. Familiar exam- 


ples include book reviews on Ama- 
zon.com or the comments that buyers 
and sellers post on eBay about one 


| another’s business practices. In short, 
| consumers manage the reputations of 
| those with whom they do business. 


Companies on the receiving end of 


| such scrutiny, however, view reputa- 
| tion management as the actions they 
| need to take to ensure that they and 


their brands remain unsullied and 
viewed in the most positive light possi- 


| ble. And it’s here that technologies 


like those adopted by PacifiCare are 


| emerging to improve the awareness 


and responsiveness of organizations. 


Making Reputations 


Consumers have been empowered by 


their ability to provide feedback and 
comments about products, says Jakob 
Nielsen, author of the influential book 


| Designing Web Usability (New Riders, 


1999) and one of the first to use the 


| term reputation management in a 


Web/consumer context. However, he 
notes, there’s a growing awareness of 
the limits of this approach, because it’s 
so easy to “game” the system. “We saw 
this recently with Amazon.com, where 





COMPUTERWORLD April 5, 2004 


TECHNOLOGY 


www.computerworld.com 





Vinning 
ANIC 
ANIC 


it was revealed that many positive book 
reviews were generated by the authors 
themselves,” Nielsen says. 


° ° i | 
But more sophisticated rating systems | 
| dent of technology at Factiva, says the 


are evolving, he says. For example, 
Epinions Inc.’s Epinions.com not only 
accepts consumers’ votes but also of- 
fers a feedback mechanism to assess 
the reliability of those comments. 
Nielsen says such multilevel approach- 
es create “a web of trust.” 

Although consumer-driven reputa- 
tion management may be a growing 
force, Nielsen says that for the mo- 
ment, search engines are probably 
even more influential. “Most con- 
sumers and most people in business 
don’t really grasp how the technology 
works — and how it drives markets 
and perceptions,” he says. 

For instance, Nielsen observes that 
Google Inc. depends on the “reputa- 
tions” of Web sites because its search 
engine gives higher rankings to a site 
based on the number of links that are 
made to that site. And, of course, peo- 
ple have been known to set up “link 
farms” to try to improve the rankings 
of their Web pages, he says. 

“Some companies are still clueless; 
they think image is the way to go on 
the Internet,” Nielsen says. “But more 
and more appreciate that because it is 
a network and offers two-way commu- 
nication, they need to respond in more 
creative ways.” 


A Fountain of Information 

One of the most ambitious attempts to 
do just that is under way at IBM’s Al- 
maden Research Center. A data mining 
system dubbed WebFountain digests 
millions of Web sites and billions of 
pages of text and other data with the 
help of a giant server farm to provide 
insight on a wide range of subjects (see 
Future Watch, page 23). And the proc- 
ess is open-ended — WebFountain is 
armed with sufficient intelligence to 
discover data patterns that may reveal 
new trends or opportunities. 

New York-based Factiva, a joint ven- 
ture of Dow Jones & Co. and Reuters 
Group PLC, has partnered with IBM to 
co-develop text analytics applications 





| built on the WebFountain platform. 


Factiva’s first application on the 


| : 
| platform will track corporate reputa- 


tions by analyzing information from a 


| vast collection of Factiva sources, In- 


ternet pages and newsgroups. The re- 


| sulting reports will show the informa- 


tion in context, providing a view of rel- 


| evant business issues and industry 
| trends and exposing relationships. Fac- 


tiva says a company can use this soft- 


| ware to get a clear view of corporate or 
| brand perception, how that perception 


is changing and emerging issues asso- 


| ciated with that company or brand. 


Dennis Cahill, associate vice presi- 


service can even scan message boards 
and blogs, “where people form their 
opinions,” and combine those results 


| with information from the mainstream 


press. “We feel this is the first tool that 


| will really allow companies to effec- 
| tively understand the worldwide con- 


versation that is occurring around 
their products and services,” he says. 
The service is targeted at companies 


| with $150 million or more in revenue. 


Cahill says IBM provides the back-end 


| text mining onto which Factiva grafts 
| its intelligence. Subscribers also get 


some help with setup and analysis 


from human experts. 


“Out of the box, there are sets that 
isolate premium articles and special- 
interest groups, but a user can then set 


things up so they can view them differ- 
| ently,” he explains. Factiva has yet to 
sign up a customer, but Cahill says 
there has been strong interest, and 

he’s confident that the product will 

be widely embraced. 


| Looking Outward 

Meanwhile, San Mateo, Calif.-based 
Biz360 has been providing its own 
Web-based analysis for clients by mon- 
itoring some 50,000 print, online and 
broadcast sources. While its breadth of 
analysis, which is limited to traditional 
media sources, may be less ambitious 
than that of the WebFountain/Factiva 
offering, Biz360 has managed to sign 
up some well-known customers. 

You Mon Tsang, chief marketing of- 
ficer at Biz360, says most companies 
do a good job of managing information 
| internally, but “the same rigor isn’t ap- 
plied to external information, which is 
collected haphazardly, if at all.” And if 
“all you do is stare at the corporate 
dashboard,” you're in big trouble, he 
says, because you won’t understand 
the evolving market dynamics. 

Tsang says Biz360’s software deliv- 
ered as a service tracks up to 1.25 mil- 
lion pages and applies intelligence on 
top of that to answer questions. In ad- 
dition to PacifiCare, Biz360’s clients 
include 3Com Corp., Harley-Davidson 
Inc., Seagate Technology LLC, Sun Mi- 
crosystems Inc. and VeriSign Inc. 





Reputations Caught in the Web 


“Search engines have become the pri- 
mary resource for journalists and other 
constituents to gather information on a 
specific company,” says Robert Key, 
president and CEO of Converseon Inc. 
“Yet while many companies may pay 
close attention to how the traditional 
media portrays them, most companies 
are completely unaware of what infor- 
mation is appearing when search engine 
users type in a company’s name.” 

Converseon, which calls itself a “digi- 
tal communications agency,” has rolled 
out what it claims is the first search- 
engine reputation management service. 
It's designed specifically to help compa- 
nies better monitor and control their 
reputations by helping them manage 
what appears in search listings under 
company-branded keywords. 

“Search engines are a critical ele- 
ment for reputation management, as 
they have become a powerful new form 
of media,” says Key, pointing to exam- 
ples such as McDonald's Corp. and Nike 


1 Inc. When users type those companies’ 
names into Google, they can turn up 

1 highly negative sites like the Boycott 

1 Nike Homepage and McSpotlight.org, 

| which calls itself a “protest site.” 

1 Converseon and companies like 

! Biz360 and Factiva aren't alone in 

| seeking to make or repair their corpo- 
1 rate reputations in cyberspace. 

; Burson-Marsteller, a New York-based 
1 Public relations agency, has begun to fo- 
t cus on online reputation management 

| and has produced a body of studies it 

1 Calls the e-fluentials (www-efluentials. 
! com) about online public-opinion lead- 
| ers. Burson-Marsteller also offers tools 


1 to review how companies respond to 


; he says can “help you figure out how to 
1 reduce stakeholders’ outrage.” 
i - Alan R. Earls 





“We do track reputation manage- 
ment, but the main reason we use 
Biz360 is for brand management — to 
try to increase our mind share with 
customers, shareholders and industry 
influencers,” says Woody Monroy, ex- 
ecutive director of corporate commu- 
nications at Scotts Valley, Calif.-based 


| Seagate. 


“In the bad old days, a PR agency 
would give you a monthly clips report 
and you would try to do an analysis on 
that,” says Monroy. But with Biz360, he 
says, “we have real-time access, allow- 
ing us to be much faster on our feet.” 
Monroy also says Biz360’s internation- 


| al coverage is a big help, since only a 


third of Seagate’s revenue comes from 
the U.S. “We had trouble getting that 
information before we adopted this 
product a couple of years ago,” he says. 


Ideas Rather Than Words 


The key to Factiva and some of the 
other reputation management offer- 
ings is text analytics, says Susan Feld- 
man, an analyst at research firm IDC. 
“That capability lets you look inside 
documents and pull out the informa- 
tion you need on a specific topic — 

it parses the document the way you 


| would parse a sentence in fifth grade,” 


she says. Feldman says syntactic analy- 
sis is much more sophisticated than 
what a search engine does. “It can dis- 
tinguish the difference in meaning be- 
tween the statements ‘Bill hit Fred’ and 
‘Fred hit Bill, ” she explains. 

“If you want to look for ideas rather 
than just words, you can store them as 
a block that includes the subject, ob- 
ject and verb relationship,” says Feld- 
man. “Then you can match those simi- 
lar concepts.” 

Factiva’s Cahill says the ability to 
match and relate concepts will become 
more valued as companies begin to un- 
derstand the importance of monitoring 
their reputations. “Corporations spend 
a lot of money trying to understand 
how consumers view them,” he says. 
“This technology lets you monitor 
everything — what’s in the mainstream 
press as well as the smoldering fires.” 

Still, precisely because the stakes are 
so high, PacifiCare’s Miller says he’ll 
probably continue to use more tradi- 
tional quarterly reports from a human- 
based consulting service to supple- 
ment the daily flow of data from Biz- 
360. “It provides checks and balances 
that we find valuabie,” he explains. 


@ 45643 





Earls is a freelance writer in 
Franklin, Mass. You can reach him 
at alanearls@comcast.net. 





www.veritas.com/vision/register.html 


: MAY 3 - 7, 20 1 
VERITAS V | S | 0 BM veneruan HOTEL | coun pL sesh 


aa 
oe Sy li 


BACKUP NOT ROCKET SCIENCE. 


Find out what 99% of the FORTUNE 500° already know: enterprise-strength backup and recovery software doesn’t require a team of 
rocket scientists to manage it. New NetBackup™ 5. Because easier is better. Software for Utility Computing. Find out more at veritas.com 


VERITAS 


© 2004 VERITAS Software Corporation. All rights ed. VERITAS, the VERITAS Lo; nd NetBac = 7” 
VERITAS Software Corporatio: its affiliate a ne U.S. and other count . Oth 





2 COMPUTERWORLD April 5, 2004 


DAIA 


ee A PLACE 


ana 


ir 


| 


eilenconaid we soiaieail are 
just evolving, but companies are 
looking to share data across grids. 


BY PATRICK THIBODEAU 


HE DATA GRID has been 
playing second fiddle 
to the compute grid 
when it comes to media 
attention. But companies and 
public institutions searching 
for better ways to share and 
manage large amounts of data 
are beginning to take notice. 

A compute grid allows users 
to take the computing re- 
sources in a distributed and 
heterogeneous environment, 
manage those disparate re- 
sources as one and focus them 
on problem solving. 

A data grid acts in a similar 
way. It has a middleware layer 
and metadata framework to 
give users a centralized view of 
distributed data without physi- 
cally centralizing the data. 

That means the data can be 
located on Windows, Unix or 
Linux systems running multi- 
ple formats. It can be struc- 
tured or unstructured and can 
consist of different media 
types. A data grid and a com- 
pute grid can operate together 
— the principles are the same. 

But there are limits to what 
a grid can do. A grid, for in- 
stance, doesn’t offer a means 
for discovering and categoriz- 
ing unstructured data. What 
the data grid provides is a stan- 





dards-based framework for in- 
terconnecting that information 
once those tasks are addressed. 
Data-grid technology is in 
the early-adopter phase, draw- 
ing the interest of research in- 
stitutions with large and scat- 
tered data repositories, such as 
Pfizer Global Research & De- 
velopment in Groton, Conn., 


oR wR Re — 





TECHNOLOGY 


and the University of Arkansas 
Center for Advanced Spatial 
Studies in Fayetteville, as well 
as research consortiums such 
as the European Union’s Data- 
Grid project, led by particle 
physics research center CERN. 

Data grids will find broader 
applications as standards ma- 
ture and technology problems, 
such as managing security in 
a grid’s distributed environ- 
ment, are solved, say analysts 
and users. 

“T think the whole promise 
of grid is pretty exciting,” 
says Paul Lewis, director of 
research information architec- 
ture at Pfizer. But more work 
is needed, he adds. 


Seeking Support 
Products that support data in 
a grid environment are emerg- 
ing. For example, Pfizer uses 
Avaki Inc.’s data-grid software. 
The Center for Advanced Spa- 
tial Studies takes advantage 

of the grid capabilities in Ora- 
cle 10g, Oracle Corp.’s flagship 
database. 

But the very concept of 
grids involves interconnected- 
ness among disparate applica- 
tions and data sources. Until 
vendors include standards- 
based grid capabilities, inter- 
faces and processes in their 
products, data-grid adoptions 
are going to be limited. 


x “The equivalent of the Internet Protocol for remote access to data is still a 
ms work in progress,” says lan Foster, a scientist at Argonne National Lab. 





“Vendors have got to step 
up and say, ‘We’re going to 
make our products grid- 
enabled,’ ” says Lewis. “If 
more vendors grid-enable 
products, it makes our job eas- 
ier, because then we can plug 
in more computers when we 
need more capacity.” 

Emerging data-grid prod- 
ucts, such as Avaki’s, are being 
used within companies. But 
some of the leading thinkers 
behind the data-grid effort 
imagine developing systems 
that connect large numbers of 
enterprises, entire supply 
chains and customer bases. 

“The equivalent of the In- 
ternet Protocol for remote ac- 
cess to data is still a work in 
progress,” says Ian Foster, se- 
nior scientist and head of the 
Distributed Systems Lab at 
Argonne National Laboratory 
in Illinois and co-director of 
the grid standards effort at the 
Globus Alliance. 

“Certainly, we’ve got some 
pretty good solutions for 
fixed-file-based data, and we 
are starting to address rela- 
tional databases and XML 
databases, but there is much 
more to be done,” he says. 


Put to the Test 


The trailblazers of large data 
grids include the DataGrid 
project, which has spent the 
past two years and 10 million 
euros developing a testbed 
linking major European re- 
search institutions. The test- 
bed is intended to handle tens 
of thousands of computing 
resources. 

The DataGrid project has 
been addressing uniform ac- 
cess to those resources, secu- 
rity and data replication to 
make data on another system 
appear local to the user. 

The “middleware is still 
fragile,” and security “is not 
perfect,” says Frabrizio Gagli- 
ardi, who heads the project. 
But enough advances have 
been made for the EU to ap- 
prove more than 30 million 
euros over the next two years 
to fund a larger effort called 
Enabling Grids for E-science 
in Europe, or EGEE. 

Avaki’s data grid allows 
Pfizer researchers to share 


| data. Previously, genetic re- 





www.computerworld.com 


Scientific applications 
Computationally demanding 
ley elitr Leas 

Large data sets and archives 
Projects and enterprises that 
involve dispersed users and 
est geet 

Projects and enterprises 
that require a broad range of 
capabilities and resources 


SOURCE: GLOBUS ALLIANCE 


search data was published and 
made accessible to other 
researchers through a file 
transfer protocol process. 
“That’s not an efficient use of 
our network, and it’s a manual 
process,” says Lewis. “And you 
can have failures during the 
FTP process.” 

The data is now published to 
the grid, and anyone with the 
appropriate permissions can 
access it. Because of the cach- 
ing mechanism, the data ap- 
pears local to the user, says 
Lewis. 

One key benefit of a grid 
approach, says Fred Limp, di- 
rector of the Center for Ad- 
vanced Spatial Studies, is that 
it allows him to make the most 
of a mix of different vendor 
offerings, potentially reducing 
his hardware costs. 

“As long as I am running 
[Oracle] 10g, I have that kind of 
flexibility,” Limp says. The grid 
is lowering costs and improv- 
ing the center’s ability to 
process data. “Any of the re- 
sources within that grid are 
available to me or the applica- 
tion as necessary,” he says. 

Philip Russom, an analyst 
at Forrester Research Inc. 
in Cambridge, Mass., said 
products from Oracle and 
Burlington, Mass.-based 
Avaki represent the leading 
edge of grid offerings, but 
he expects other integration 
vendors to follow soon. Fi- 
nancial services firms, insur- 


| ance companies and other 


enterprises with heavy data 
requirements will likely re- 
main the primary corporate 
users. A grid approach may 
offer them a way to integrate 
existing data silos or “inte- 
grate the integrations,” Rus- 
som says. @ 45654 





SHOWING 
+ WITH - 


it you're jooking for 4 hit, loo SDLT 600. With a thrilling 600 GB capacity” 
and 72 MB/s* , market. The SDLT 600 debuts with 


piTsage™ to give yo 
the SDLT 600 is backward com 
new drive and register to WIN one Beautiful Thing” 








Finally, the technology of a supercomputer at a breakthrough price. It’s here in our newest IBM eServer BladeCenter 
server* The BladeCenter JS20 is powered by the same chip technology that drives some of the world’s fastest 
supercomputers — the innovative POWER™ architecture — yet it’s designed to be affordable. Very affordable. Plus, 
BladeCenter JS20 servers thrive in both 32- and 64-bit environments. And when slipped into a complete BladeCenter 
system, voila, a single interface integrates your servers, network and storage. So do what the on demand world 
demands: simplify — and advance — your infrastructure. For more information, visit ibm.com/eserver/blade 


Get ail this only with ibn »<U Diades 


The BladeCenter JS20° is powered by advanced POWER 
processor technology. (Slide it into the BladeCenter system 
and you've got the power to advance your business.) 





TECHNOLOGY 


www.computerworld.com 





OST information 
junkies would be 
hard-pressed to name 
anything that has 
transformed their 
professional lives as 
much as Internet search en- 
gines have. The miraculous 


devices can take your hot topic | 
of the day, scan millions of Web 


pages and in seconds bring 
back product announcements, 
research papers, the names of 
experts and more — things 
that would be difficult or im- 
possible to find otherwise. 

But as powerful as they are, 
search engines have huge 
weaknesses. For example, a 
recent Google search on the 
word Linux took just 0.4 sec- 
onds, but it had 95 million hits. 
Too bad if the one you need is 
No. 10,000 on the list. 

But researchers are poised 
to revolutionize search tech- 
nology over the next few 
years. The most common 
thrust is to personalize search 
engines so that they know, for 
example, that if you’re an IT 
professional and you search 
for mouse, you’re more likely 
to want information about PC 
devices than about animals. 

Adele Howe, a computer 
science professor at Colorado 
State University in Fort Col- 
lins, and Gabriel Somlo, a CSU 
graduate student, have built a 
proof of concept called Query- 
Tracker, a software agent that 
sits between a user and a con- 
ventional search engine and 
looks for information of recur- 
ring interest, such as the latest 
news about a user’s chronic 
illness. QueryTracker submits 
a user’s query to the search 
engine once a day and returns 
results from new Web pages 
and pages that have changed 
since the previous search. 

The magic in QueryTracker 
comes from its automatic gen- 
eration of an additional daily 
query — which Howe says is 
often superior to the user’s 
original query —- based on 
what it learns about the user’s 
interests and priorities over 
time. It filters the results of 
both queries for relevance and 
sends them to the user. 

QueryTracker’s ability to 
generate its own searches can 
compensate for the poorly 





SEARCH 
FOR wicinc 
TOMORROW 


QueryTracker supplements the 
Tees Ome me ey 
performance improves with user feedback. 


formed queries that many 
users write, Howe says. “Even 
people knowledgeable about 
the Web are often either lazy 
or they are just not informed 
about how to write good 
queries,” she says. The most 
common mistake: queries that 
are too short, like the one- 
word Linux search. 

Jeannette Jenssen, a mathe- 
matics professor at Dalhousie 
University in Halifax, Nova 
Scotia, is taking search person- 
alization techniques a 
step further, to the 
“crawlers” that index 
Web content before it 
can be searched. She 
says the popular search en- 
gines have three drawbacks: 
They are increasingly charging 
corporate users for their ser- 
vices, they skew results in fa- 
vor of advertisers, and they of- 
ten retrieve huge amounts of 
irrelevant information. But 
Jenssen’s “focused crawler” in- 
dexes only pages related to 
prespecified topics and then 





FUTURE 
WATCH 


| 
| 


tailors the rankings to the inter- 
ests of the user. 

For example, she says, a 
medical society might run the 
crawler nightly to index just 
pages relating to medicine. And 
it would rank the resulting hits 
in a way that made sense to the 
medical establishment, not to 
advertisers or average Web 
surfers. The crawler would get 
progressively better at build- 
ing its nightly index by ob- 
serving the behavior of the 
searches against it. 

Other focused 
crawlers look for pages 
containing information 
that meets specific cri- 
teria. But Jenssen’s crawler can 
discern hidden, or indirect, 
links through a process she 
likens to the children’s search 
game “warmer-colder.” 

For example, she says, imag- 
ine a Web crawler that focuses 
on computer science topics. 
Computer science research 
papers often are linked to the 
home pages of the professors 








who wrote them, and their 
pages are linked to the profes- 
sors’ universities’ home pages. 
“When the crawler gets to the 
university page, it searches 
more intently than it would at 
a company page,” Jenssen says. 
“Tt says, ‘I’m getting warmer.’ 
It analyzes user behavior and 
Web paths to automatically 
learn these trajectories.” 

Filippo Menczer, a comput- 
er science professor at Indiana 
University in Bloomington, 
says conventional search en- 
gines determine a document’s 
relevance by considering vari- 
ous things in isolation. They 
may first select a document 
because it contains the key- 
words in the query. Then, to 
rank the results, they may con- 
sider how many links point to 
the document. Better results 
could be obtained from con- 
sidering many such “measures 
of relevance” — including user 
preferences — in combination, 
and in considering combina- 
tions of pages rather than sin- 
gle pages, Menczer says. 

Such complex and powerful 
searches will be practical in 
three to five years when com- 
puters are more powerful. 
“We'll do brute-force, large- 
scale data mining over the 
whole Web — over many tera- 
bytes of information,” says 
Menczer. 


Data Fountain 

Brute force is a pretty good 
description of IBM’s Web- 
Fountain, a huge Linux cluster 
that runs 9,000 programs con- 
tinuously and crawls 50 mil- 
lion new pages every day. But 
WebFountain doesn’t simply 
index keywords; it applies nat- 
ural-language analysis con- 
cepts to extract meaning from 
unstructured text. 

For example, it determines 
whether an entity is a person’s 
name, company name, loca- 
tion, product, price and so on, 
and then it attaches searchable 
XML metadata tags to it. “We 
are tagging the entire Web, all 
of Usenet news, all the wire 
services and so on,” says Dan 
Gruhl, WebFountain’s chief ar- 
chitect at IBM’s Almaden Re- 
search Center. 

The software is pretty good 
at extracting and tagging the 





Search This 


Researchers at the University of 
California, Berkeley, estimate that in 
2002, 5 exabytes of new informa- 
tion was recorded on paper, film, 
and magnetic and optical media. 
How much is 5 exabytes? 


Kilobyte: 
1,000, or 10°, bytes 
2KB = a typewritten page 


Megabyte: 
1,000,000, or 10°, bytes 
1MB = a small novel 


Gigabyte: 

1,000,006,600, or 10°, bytes 
1GB = a pickup truck 

full of books 


Terabyte: 

1,000,000,000,000, or 10”, bytes 
1TB = 50,000 trees’ worth of 
printed pages 


Petabyte: 
1,000,000,000,000,000, 
or 10°, bytes 

2PB = all U.S. academic 
research libraries 


Exabyte: 
1,000,000,000,000,000,000, 
or 10°, bytes 

5EB = all words ever spoken 
by human beings 


semantic meaning of unstruc- 
tured text, but Gruhl says 
more research is needed to do 
reliable “sentiment analysis,” 
which, for example, would let 
companies automatically mon- 
itor the reputations of their 
products. (To read more about 
this feature, see “Winning the 
Name Game” on page 19.) 

Researchers at the Almaden 
center are experimenting with 
Sentiment Analyzer, which 
tries to extract opinions from 
online text documents. If a 
customer said at a Web site, 
“The Ford Explorer is great,” 
that would be easy to classify, 
Gruhl says, but if the customer 
said sarcastically, “It’s almost 
as good as the Ford Pinto,” se- 
mantic analysis software 
would be stumped. 

Making sense of that kind of 
statement is one of the goals of 
IBM’s research. @ 45571 


THE NEXT STEP 


Could corporations be doing more with 
today’s search technology? Find out online: 
© QuickLink 45572 


www.computerworld.com 





www.computerworld.com 


Extensis Revises 
Portfolio 7 Server 


Extensis Inc. in Portland, Ore., 
announced an updated release 

of its Portfolio 7 Server for digital 
asset management. New features 
include automatic content syn- 
chronization, enhanced collabora- 
tion and automated workflow 
tools. Also new are optional con- 
nection modules for Microsoft SQL 
Server; modules for Oracle and 
MySQL will be available in July. 
Portfolio 7 Server for Windows 
will be available this month for 
$3,499, followed by a Macintosh 
version in May. 


Sun Offers Early 
Access to Java Tool 


Sun Microsystems Inc. announced 
that an early-access release of its 
Sun Java Studio Creator applica- 
tion development too! will be avail- 
able April 8. The tool includes the 
Java Enterprise System runtime, 
the Java 2 Standard Edition Plat- 
form Software Develojment Kit 
and a small-footprint database 
server from PointBase Inc., a divi- 
sion of DataMirror Corp. The final 
product is due to ship midyear, ac- 
cording to Sun. 


Jasomi Updates 
VoIP Controllers 


Jasomi Networks Inc. in San Jose 
last week announced an upgrade 
to its line of voice-over-IP con- 
trollers, known as PeerPoint 3.2. 
New features include enhanced 
midcall encryption, compliance 
with encryption standard RFC 
3550, improved protocol-repair 
capabilities and improved hot fail- 
over support, the company said. 
No pricing was announced. 


Zend App Stabilizes 


PHP on Windows 


Israel-based Zend Technologies 
Ltd. has announced WinEnabier, 
software designed to make the 
PHP Hypertext Preprocessor as 
stable in a Windows environment 
as it currently is on Linux and 
Unix, according to the company. 





| PHP was initially written for a 

| Linux/Unix multiprocess platform 
| where each server request is han- 
| dled by its own process. Web 

| servers on Windows, however, 


use the model of multiple threads 
within a single process, which 


TECHNOLOGY 


; means that if a PHP thread crash- 
es, it can bring down the entire 
Web server. WinEnabler runs as a 

| layer between PHP and the Web 

server, mediating between thein. 

Pricing for the software starts at 

| $195 per server. 


Learn from 


the best in 


item UT atte 


r customers 


5 of the top 6 
bal automotive companies 


10 of the top 15 
Forbes retail companies 


11 of the top 12 
industrial OEMs 


oe 


Remus e let sa 


brand names in the 


PET ME ta 


... use our solutions 


Anta Announces 
| VOIP System 


| Anta Systems Inc. in Santa Clara, 
| Calif., last week announced the 
Simplicity VolP System. It includes 


‘log on to www.i2.com. 


an IP PBX, a VoiP service switch 
and business-class phones based 
on the Session Initiation Protocol. 
The system can serve from 2,000 
subscribers per VoIP switch to 
20,000 subscribers in a cluster of 
switches. Pricing wasn't available. 


i2 has 15 years of expertise 
in supply chain and we 
continue to learn from 
the best in the business... 


our customers. 


d respond to 
to matcn available supply 


loop between planning and execution 


If you plan to attend only one 
business conference this year, 
register now for i2 Pianet® 2004 


San Diego. This premier event w 








COMPUTERWORLD Apri's,2008 20 


28 COMPUTERWORLD April 5, 2004 


TECHNOLOGY 


Cheap Scanning 
Comes at a Price 


Aglobal deployment of the free Nessus 
port-scanning software saves the budget 
but lacks the reports that management 
demands. By Mathias Thurman 


ULNERABILITY assess- 
ments are a crucial | 
aspect of our overall 
information security 

program. We use Nessus, a 

port scanner that’s available 

free on the Internet, to con- 
duct assessments of our infra- 
structure. To ensure that we 
have full coverage, we’ve in- 
stalled what we call “scan en- 
gines” at various loca- 
tions throughout our 
organization in the 

U.S., Europe and Asia. 

Each scan engine 
consists of a PC with 
our hardened installa- 
tion of Linux and 
Nessus loaded on it, and each 
is responsible for scanning 
ports across its respective geo- 
graphical area. My team and I 
just beefed up the scan-engine 
PCs with additional memory. 
We've also written scripts, 
which we configured within 
Nessus by selecting various 
plug-ins, to continuously scan 
our infrastructure for certain 
types of vulnerabilities. 

Since we’re scanning huge 
amounts of address space, a 
full scan using all available 
plug-ins would take many 
days, use a lot of resources 
and create lots of data to re- 
view. Instead, we try to strike 
a balance by selecting only 
those sets of plug-ins that rep- 
resent the most serious risks. 

The downside is that by not 
running all available plug-ins, 
we risk missing a potential 
vulnerability. For now, howev- 
er, the ability to very quickly 
scan our entire environment is 
more important. We still do 
periodic scans with a more 
comprehensive list of plug-ins, 
but not on a daily basis. 





oceacceee 


SECURITY 


One plug-in we enable is for 


| the remote procedure call Dis- 


tributed Component Object 
Model vulnerability, which 
is responsible for allowing 
worms such as MS Blaster to 
propagate through the net- 


| work. By scanning in an expe- 


dited manner, we can quickly 
identify vulnerable worksta- 
tions and servers. 

We try our best 
to keep servers 
and workstations 
patched, but every 
now and then a re- 
source gets installed 
in a location that 
isn’t under our con- 
trol, such as the engineering 
labs, and malicious code 
sneaks into our production 
environment. 

In my company, the engi- 
neering labs aren’t controlled. 
Servers and workstations are 
built up and torn down regu- 
larly, without much thought 
given to secure installation 
practices. We’re working on a 
plan to segregate the labs from 
the rest of the corporate net- 
work, but until we get execu- 
tive buy-in and funding for 


| this project, we will continue 


As much as we'd like 


| to think that employees 


are following policy 
and not using their 
home PCs to access 
our corporate network, 
it’s clear that they’re 
doing exactly that. 





to have this risk. 

Virtual private networks 
and dial-up connections are 
other points of entry for mali- 
cious code. As much as we’d 
like to think that employees 
are following policy and not 
using their home PCs to ac- 
cess our corporate network, 
it’s clear that they’re doing ex- 
actly that. Since home PCs 
aren’t patched and configured 
to our standards, malicious 
code often propagates through 
our VPN and into our produc- 
tion network from these unse- 
cured resources. 


Nessus Shortcomings 
As useful as Nessus is, it has a 
few shortcomings compared 
with commercial scanning 
products. The first is central- 
ized management. It would be 
nice to be able to manage all of 
our scanning engines from one 
location, but with Nessus, we 
must log into each scan engine 
separately. 

Another problem is the in- 
ability to provide role-based 
access to the scanning infra- 
structure so that nonsecurity 
personnel can use the applica- 
tion to scan certain networks 
for specific vulnerabilities. 

Finally, there is the whole is- 
sue around reporting. No mat- 
ter how robust, easily manage- 
able, intuitive and inexpensive 
the tool is, if we can’t produce 
meaningful reports, it’s hard 
to get management support. 
We've done some manipula- 
tion of the raw data produced 
by Nessus, but we can’t afford 
to dedicate a person full time 
to creating reports. 

Most commercial tools have 
addressed these shortcomings, 
but you pay a steep price. Un- 
fortunately, our security bud- 
get has been cut drastically, 
and we have to be very picky 
with how we spend money. 

We'll probably look at some 
commercial tools that can sup- 





plement Nessus with strong 
reporting features but contin- 
ue to manage the scanning en- 
gines individually. Who 
knows? Perhaps someone will 
release an open-source cen- 
tralized management tool for 
Nessus. 

Another option for report- 
ing just might lie with security 
event management (SEM) 
software. These programs, 
also called security informa- 
tion management tools, are 
fairly new and look promising. 

By using SEM software, we 
can funnel or redirect all of 
our event logs to a centralized 
server, including logs from all 
of our firewalls, routers, intru- 
sion-detection systems, Trip- 
wire change monitoring, au- 
thentication servers, Unix sys- 
tems logs and Windows NT 
security event logs. 

The SEM server then aggre- 
gates and correlates the data 
to provide a meaningful look 
at events within the environ- 
ment. It can also archive the 
data, send out alerts and re- 
port on events, trends and 
usage. 

SEM is a powerful technol- 
ogy that can provide informa- 
tion not only on security 
events but also on other busi- 
ness process issues. That 
should help us meet Sarbanes- 
Oxley Act compliance require- 
ments. 

I’m reviewing products 
from several SEM vendors 
now. One that has the most 
potential for my organization 
is ArcSight from Sunnyvale, 
Calif.-based ArcSight Inc. 
We've had limited exposure to 
this tool, but it seems like the 
answer to many of our securi- 
ty needs, since it can accept 


results from our Nessus scan 


engines. If ArcSign’s reporting 
is strong enough, it would al- 
leviate the need for us to re- 
place Nessus with something 
more expensive. D 


WHAT DO YOU THINK? 


This week's journal is written by a real securi- 
ty manager, “Mathias Thurman,” whose 
name and employer have been disguised for 
obvious reasons. Contact him at mathias_ 
thurman@yahoo.com, or join the discussion 
in our forum. QuickLink a1590 

To find a complete archive of our 

Security Manager's Journals, go online to 
© computerworld.com/secjournal 





www.computerworld.com 


SECURITY LOG 


reviews and so on. Rather, it 
presents information that an 
NSA auditor might use in the 
information-gathering phase, 
just prior to deploying a “Tiger 
Team” to try to break your 


But just because the 
methodologies are related to 


Updates Firewall 


Alpharetta, Ga.-based Trusted 
Network Technologies Inc. 
(TNT) this week will introduce 





SETTING NEW 
NETWORK SECURITY 
PRIVILEGES FOR 860 

USERS? THAT’LL TAKE 

DAYS...WEEKS... 


O 
O 
° 


O 
OC 
o 

o 


he = = enterasys 
~~ : Networks that Know 


These days, ne network is free of threats. That’s why you have to assign network security privileges to everyone. Employees, customers. 
and partners. You need to set an acceptable use policy that dictates what each of them can and can’t access. Until now, you had to do 


this manually. 


Not anymore. Now you can do what Baylor University did. Implement an Enterasys Secure Networks™ solution with a unique, policy- 
based system that empowers the network to allocate resources based on specific users and their roles. The network “sees” who the user 
is and assigns privileges accordingly. This improved control also gives you more security. 


It’s all about giving you a smarter way to network with central, intuitive management. Find out more at networksthatknow.com/Baylor. 
Or ask any one of the many enterprise customers we’ ve worked with for years. 





30 conpurerwonio pris, 2008 


PivX Launches 
Security Software 


PivX Solutions LLC has released 
Qwik-Fix Pro, a desktop security 


program that the Newport Beach, 


Calif.-based company says de- 
tects and mitigates Windows and 
Internet Explorer vuinerabilities. 
The program, which issues “real- 
time fixes and threat mitiga- 


tions,” is designed to protect sys- | 


tems until Microsoft Corp. deliv- 
ers a suitable patch, PivX said. 
Qwik-Fix Pro is automatically up- 
dated as new vulnerabilities are 
discovered and includes a central 
management console. Pricing 
starts at $29 per seat. 


Symbio Releases 


Thin-Client Suite 


Symbio Technologies LLC in New 
Rochelle, N.Y., has announced a 
new Linux-based thin-client net- 
work management application. 
The Symbiont Management Suite 
is a terminal services package 
that can be set up to let thin- 
client users access Windows, 
Linux and Macintosh applications 
from central servers, allowing 
businesses to cut hardware costs 
and reduce systems mainte- 
nance, said Symbio. 

The application also provides 
administrators with a wide range 
of systems information, including 
user and workstation status on 
the network, according to the 
company. Symbiont Manage- 
ment Suite is available now at 
$1,300 per server. 


Durham Police Use 


Real-Time Video 


The Durham Police Department 
in North Carolina has deployed a 
wireless surveillance system that 
provides law enforcement per- 
sonnel with real-time access to 
live video from a bank when its 
alarm system is activated. The 
system, from Melville, N.Y.-based 
Verint Systems Inc., enables 
emergency 911 call centers to dis- 
tribute real-time video from bank 
cameras to laptop devices in 
squad cars as well as to handheld 
devices for officers on foot. 





TECHNOLOGY 


PAUL A. 


STRASSMANN 


www.computerworld.com 


~ Pick Your Perspective 


On Il’ Outsourcing 


UTSOURCING HAS ANCIENT ORIGINS. 
It has been the basis for all trade since 
the birth of organized society over 10,000 
years ago. Civilization can progress only 
by making the best use of resources, 


wherever they may be avail- 
able. That makes it neces- 
sary to purchase goods and 
services you'd otherwise 
have to produce yourself. 

Why has outsourcing sud- 
denly become one of the 
most controversial topics 
among IT professionals? 
As far as IT staffs are con- 
cerned, outsourcing breaks 
up the traditional budget 
patterns wherein a company 
had direct control over 80% 
of IT spending. IT outsourc- 
ing is seen as a threat to the 
status quo and to the custo- cman 
dianship of custom-made systems. IT 
staffs now have to compete with out- 
siders. Systems designs that locked in 
costly corporate-specific solutions now 
have to become open to standard and 
even commodity solutions. If your job is 
at stake, you won’t favor something that 
alters a hitherto protected situation. 

Nevertheless, IT outsourcing is here 
to stay and will continue to grow with 
the rise in global commerce. Therefore, 
it may be useful to gain a better perspec- 
tive of what outsourcing could do for 
your organization. In doing so, you'll be 


ECONOMICS OF IT OUTSOURCING ; 


cOosTS 
IN VALUE 
CHAIN 


ELEMENTS OF THE VALUE CHAIN 


Assembly in China $3 
Parts from suppliers for China $14 


Corporate costs + profit 
Global distributors and retailers 





better able to rationally cope 
with outsourcing proposals 
whenever an economic justi- 
fication for such a move is 
presented at your company. 
To illustrate, I use the eco- 
nomics of a $40 (retail price) 
Logitech computer mouse. 
Logitech Inc. is a Fremont, 
Calif.-based multinational 
company. The mouse is as- 
sembled in China. According 
to The Wall Street Journal, 
the assembly costs $3, about 
$1 of which is spent on infor- 
mation overhead. Globally 
, produced parts costing $14 
account for most of the mouse’s manu- 
factured costs. I estimate that the logis- 
tics support to get the components to 
the assembly plant consumes about 
$3.50. This leaves the company with $8 
for sales, marketing, and research and 
development, plus profit, with an esti- 
mated $6 of that going toward informa- 
tion management. The mouse is then 
sent through a distribution and retailing 
chain costing $15, an estimated $10 of 
which is for information costs. From 
Logitech’s standpoint, it has outsourced 
80%, all but corporate costs and profit, 


ESTIMATED ESTIMATED 
INFORMATION iT 
COSTS COSTS 
$1 $0.02 
$3.50 $0.18 
$0.66 

$0.30 

$1.16 





IT OUTSOURCING RATIOS 
As seen by factory 
As seen by management 
As seen by competitor 


of the value chain (see “Economics of IT 
Outsourcing” below). 

If the CIO of Logitech had oversight of 
every penny of corporate IT spending, 
this would account for only 66 cents. Ina 
typical outsourcing contract that pro- 
duces 10% in operating savings, the deal 
could shave as much as 6.6 cents from to- 
tal costs. From a purely technical stand- 
point, such a move could be worthwhile. 
However, this still begs the question of 
what the role of a CIO ought to be ina 
multinational organization. Does the 
scope of the job just cover the 66 cents 
for corporate IT; does it include $6 for 
corporate information management and 
$10.50 for the logistics pipeline stretching 
from China to Logitech’s warehouses; or 
is the CIO responsible for the $20.50 in 
total information costs that matter when 
competing against aggressive suppliers? 

Depending on whether outsourcing is 
considered from the standpoint of the 
factory, management or the competitor, 
the outsourcing ratios (calculated as pur- 
chased goods and services/cost inputs) 
would be 467%, 213% or 95%, respective- 
ly (see box above). The competitor could 
then have an advantage in outsourcing 
less, because that company could make 
product improvements more rapidly. My 
take is that before you chase 6.6 cents’ 
worth of IT cost reductions, you’d better 
make sure that this won’t jeopardize the 
capacity to improve on the $20.50 that a 
competitor is striving to take over. 

The most frequently encountered IT 
management disease is micromyopia — 
the vision defect that appears when the 
manager is pressured for immediate cost 
cuts. Beware of outsourcing decisions 
when you can’t see the value chain from 
the competitor’s point of view. @ 45793 


WANT OUR OPINION? 


For more columns and links to our archives, go to 
www.computerworld.com/opinions 





ANAGEMENT = 


ink Tank Career Watch OPINION 

At a time when corporations are increas- A look at outsourcing’s Selecting New Leaders 

ingly reliant on technology, boardrooms impact on IT jobs; more -aul Glen says tech smarts, education 
are seriously deficient in IT knowledge money for Cisco experts; and bossiness aren’t good predictors of 
and experience, says a study by Burson- and what matters most at IT leadership success. Flexibility and 
Marsteller. Plus, we take our monthly private, fast-growthcom- | the ability to communicate are much 
look at the IT economy. Page 34 panies. Page 36 more important. Page 37 









A We've lost 

itarea OCU IAVAe)} 
just focusing ona 
few things. 


JOHN MOON, CIO, 
Baxter International Inc. 


BY JULIA KING 


HEN THE CEO, chief financial 

officer and other members of 

Accenture Ltd.’s partner in- 

come board meet to decide 

how the $1.4 billion consult- 
ing firm’s profits should be divvied up each year, 
CIO Frank Modruson has both a seat at the table 
and a vote on the final disbursement. 

In February, before executives at Juniper Net- 
works Inc. signed a $4 billion deal to buy out 
NetScreen Technologies Inc., they sought the 
counsel of Juniper CIO Kim Perdikou. The rea- 
son: Perdikou had led much of the company’s 
preacquisition due-diligence efforts. 

And when $13 billion Humana Inc. makes a 
sales pitch to corporate customers — potentially 
worth millions in revenue to the health care and 
benefits giant — Humana CIO Bruce Goodman 
is a lead presenter. 

Sure, corporate IT budgets may be flat overall 
> and technology expenditures more heavily scru- 
2  tinized than ever, but the CIO’s role and influ- 


Wide-Ranging 





realm of responsibility 
nding well beyond traditional IT boundaries. 


_MANAGEMENT 


www.computerworld.com 





The C10 can bring a lot of skills, viewpoints and insights to the executive leadership team, 
FRR Mmm era Umea me 


The CIO 


Cee m ORR a MIU Mele Mm tl comes] (tlc) 
the IT area, such as human resources policy, financial 
investment planning and change management. The is- 
sues also include relationships with external groups 
like customers, suppliers and, often, shareholders 


= Must be master of a broad array of leadership 
styles, because they're all needed to successfully steer 
a Strategically important IT function. These range from 
focusing on firm cost control to enabling creativity in 
the enterprise 


IMmeiIo 


s NV O ULU 


_E = OR 


RESPONSIE 
~ CONNECTING THE 
SYSTEMS OF AN 
ACQUIRED COMPANY. 


LAV 


9 HELP GOVERN THOSE 
NEW ORGANIZATIONS. 


JOHN MOON, C0, BAXTER INTERNATIONAL INC 


-ING j SKE 





SCAN THE DAILY CALENDAR OF Temple University IT chief 
Tim O'Rourke, and you're just as likely to find him meeting 
with a classroom renovation crew as with an IT project team. 
He might also be meeting with a faculty committee that’s de- 
signing and updating course content. 

The reason: “Technology has gotten into every aspect of 
what we do here,” says O'Rourke, whose official title is vice 
president for computer and information services at the 
33,000-student university in Philadelphia. 

Blackboard, the university's ubiquitous, Web-based course 
management system, is a prime example, he says. Students 
can use the online system to retrieve professors’ lecture 
notes and assignments, plus work on projects in online 
groups. “Five years ago, we had 11 courses on Blackboard,” 


= Must have a wider perspective. For a corporate 
CIO, this covers the entire enterprise. For a business- 
Mgt eG O Ml meron (slew lM tare (ell | UersROLm Carel @ eUISy tess 
unit. In both cases, the CIO has the vitally important 
opportunity to identify synergies. between organiza- 
tional units 


ACE MVM OMUR eh eRe) MUM LUMO) 
my. Since most of these are !T-related, the ClO 
should have an‘excellent.grip on this area 


SOURCE: GARTNER INC., STAMFORD, CONN., JANUARY 2004 


ence are expanding well beyond the traditional 
boundaries of IT. Recent interviews with more than 
two-dozen top IT executives suggest that the job of 
CIO is significantly increasing in difficulty and com- 
plexity, so much so that one veteran CIO believes it 
may be too much for a single person to handle. 

“The reality is that to be successful, a CIO must be 
able to do six things at once, and that’s just not realis- 
tic,” says Darwin John, who has held the CIO post at 
the FBI, the Church of Jesus Christ of Latter-day 
Saints and the former Scott Paper Co. In all three 
cases, John set up an office of the CIO that included a | 
team of executives who focused on technology im- 
plementation and integration, prioritizing business 
and technology initiatives and providing top-notch 
project management. 

“T have a belief that to be successful as a CIO, you 
need to allocate your time in thirds: one-third to 
minding the store, a third to working with major cus- 
tomers within the enterprise and the other third fo- 


| the role of negotiator and deal-maker. “ 





cused externally,” says John, who continues to advise 


the FBI as well as Chicago-based Blackwell Consult- 
ing Services Inc. 

“The role of CIO definitely isn’t shrinking. It’s 
changing,” says Linda Pittenger, president of People? 
Inc., a Gartner Inc. company in Bridgewater, N_J. 
More than ever before, the role is externally focused 
on suppliers, customers and relationships across oth- 
er corporate functions and business processes. 

Here’s a closer look at three C1Os who are ahead of 
the curve, having already assumed several roles and 
responsibilities far from the hum of the data center. 


PRODUCT INNOVATOR 


Baxter International Inc. in Deerfield, Ill., designs, 
develops, manufactures and sells medical devices. As 
the company’s CIO, John Moon was once fully en- 
gaged in what he calls “the ERP extravaganza,” but 
not anymore. Moon’s primary responsibilities these 
days are directly tied to the bottom line. Among 
them is helping product engineers figure out how to 
best incorporate Internet-based intelligence and 
communications capabilities into Baxter’s line of 
medication pumps, dialysis equipment and other 
medical devices, which represent 66% of the $8 bil- 
lion company’s business. 

“You’ve seen commercials about refrigerators and 
microwaves being connected to the Web. We’re dc- 
ing the same thing with medical devices,” says Moon. 
One recent example is Baxter’s home renal-dialysis 
machine that electronically tracks a patient’s treat- 
ment compliance and transmits the data back to a 
physician. The device is built around some of the 
same network technology Baxter uses internally for 
its own operations. 

Once the devices are developed, Moon shifts into 
I personally 
meet with clinical software vendors to talk about 
joint ventures. We’re also involved with collaborat- 


| ing with customers in connecting to devices in their 


unique LAN environments,” he says. This regularly 
places Moon in the boardroom with some of Baxter’s 
biggest customers. 


HEAD OF THE CLASS 


O'Rourke says. “Now we have 5,000 courses on Blackboard, 
so it has become a critical system.” 

One of O'Rourke's key responsibilities is working with pro- 
fessors to leverage the Blackboard system in cost-effective 
ways, such as designing course content and assignments to 
include a minimal amount of downloading and printing, 
which the university has provided free of charge to students. 

“As Blackboard and the Internet become more heavily 
used, it's nothing for a faculty member to tell a student to go 
to the Web and print out a report and bring it to class. But 
one of the big problems now is when you print 6 [million] or 
T million pages, it’s a very expensive proposition,” he says. 

In the classroom, virtually all of Temple's professors em- 
ploy digital technology, “so I'm also very involved in the phys- 


ical layout and construction of classrooms,” O'Rourke says. 
In addition, he’s closely studying how students’ study habits 
are changing and the effect those changes will have on the 
campus's physical and digital infrastructure. “For example, 

students don’t go to the library to study anymore; they go to 
the computer lab, and even though 80% of students have 

their own PCs, they don't want to study in their dorm rooms. 
That means looking at building additional computer labs to 

handle the changing habits,” he says. 

“The faculty and administration here understand the im- 
pact of technology, and they use (the CIO and IT the depart- 
ment] as a resource. It’s our job to let them know all of the 
ramifications,” O'Rourke says. 

~ Julia King 





EXECUTIVE REPORT 


COMPUTERWORLD 





Each vendor had responded with a 
substantial document mapping the 
functional requirements in the RFP 
to their solution components. But, 
selecting between them ultimately 
came down to a matter of trust. 

re was nothing to guarantee 
any of the proposed configurations 
would work, and precious little 
reliable data to differentiate one 
solution from another. 

The IT manager explained how 
he had adopted a credo of “Never 
Trust Nobody” when it came 
to data storage technology — an 
attitude he deemed appropriate 
to the “Wild West” nature of the 
storage industry today. He noted 
the lack of meaningful standards 
in storage technology generally, 
and of reliable performance 
metrics in particular, “Combine 
with the near total absence of 
relevant test data on most storage 
products in the market, many 
companies have learned the hard 
way that the storage solutions 
they purchase rarely look or act 
anything like the pretty pictures 
and exciting narrative offered in 
vendor brochures.” He said he did 
not want his company to join this 
disappointed group. 

His problem was he had no 
means to validate claims made by 


STORAGE EDUCATION SERIES 


by Jon William Toigo 


The IT manager for a large bank recently 
approached my firm with a deceptively simple 
service request. His company was working to 
build a new data protection capability, and he 
had created a requirements specification and 
request for proposal (RFP) to solicit input from 
several “brand name” storage product vendors. 


any of the vendors regarding the 
performance of their offerings, or 
the purported superiority of one 
solution over another. As was the 
case in many companies, budgetary 
cutbacks had eliminated his testing 
laboratory, and staff resources for 
testing were in short supply. 

To their credit, he said, certain 
vendors had offered a “try-before- 
you-buy” scenario to facilitate 
the deal. He wondered whether 
he could divert all of the products 
to my test lab and provide his 

ication workload to perform 
a valid “comparison test” of the 
offerings. Could some sort of 
testing be performed that would 
give him a better idea of which 
platform offered the most “bang 
for the buck?” 

Bottom line: The IT manager 
saw testing as the path to truth 
that he could not get anywhere 
else — not from vendors, not 
from analysts “who worked for 
the vendors,” and not even from 
generic comparisons offered in 
the trade press. In a request that is 
being consistently repeated these 
days, the man sought an outside 
testing agent to validate the vendor 
offering. 

The lack of internal testing 
facilities and resources is 


increasingly common in 
companies that do not regard 

IT as a core business. “Storage 

is usually regarded as a cost 

of doing business and not as a 
profit center,” says Mike Linett, 
President of Newark, DE-based 
network storage engineering firm, 
Zerowait. “Where infrastructure is 
regarded as a profit center, chances 
are better that a company will 
have a test lab where they can do 
head-to-head testing.” 

This view is echoed by Mark 
Freidman, long time performance 
engineering consultant and 
now General Manager and Vice 
President of DataCore Software 
in Fort Lauderdale, FL. According 
to Friedman, a lack of internal 
test facilities is seeing many firms 
deploy storage solutions with no 
method for validating functionality 
before they are placed into 
production. Key to validating 
storage solutions, he says, are tools 
enabling the characterization of a 
real world workload — plus, time 
and personnel that are both in 
short supply “except in companies 
where IT is viewed as strategic.” 

The testing dilemma is at the 
heart of the current tension 
between business and IT. At a time 
when budget controls are tight and 





QLOGIC 





“do more with less” has become 
the corporate mantra, the margin 
for error in IT acquisition decisions 
is slim. The pressure is on IT to 
make good technology choices that 
deliver promised business value in 
the shortest possible timeframe. 
Storage technology, which 
accounts on average for 60 to 
70 cents of every dollar spent 
on IT hardware, is no exception. 
However, unlike servers, 
networks and other infrastructure 
components, storage technology 
presents a dearth of reliable 
performance information with 
which to support intelligent 
decision-making. 


Setting the Stage 
Vendors of storage-related 
technologies are in no short supply 


— from large companies to a host 
of smaller firms offering everything 
from generic “white box” arrays to 
specialized platforms tuned to the 
very particular needs of specific 


vertical markets. Such diversity is 
a good thing when it provides IT 
managers with options for solving 
business problems with appropriate 
technology. And, healthy 
competition between vendors has 
the value-add of forcing prices 
down for storage. 

Nowhere is the price reduction 
benefit as apparent as it is in 
storage. The observation has 
been made by many industry 
analysts that, since the mid 
1990’s, the capacity of disk 
drives has increased at a rate 
of about 120 percent every 18 
months, while the cost of disk 
on a per GB basis has declined 
by 50% per year. These trends 
underscore both the advantages 
of vendor competition and the 
increasing commoditization of disk 
technology. 

On the other hand, disk 
drives alone do not a storage 
infrastructure make. Disks are 
increasingly aggregated into 
arrays, and arrays are increasingly 
aggregated into Fibre Channel 
fabrics or iSCSI SANs, or equipped 
with thin server operating systems 
and attached to networks, or 
joined together into scalable 
clusters in order to meet the 
burgeoning data flood that has not 
abated despite a slower economy. 

All the extra gear and software 
added around the disk drive 
creates a so-called “intelligent 
storage subsystem” that, in spite 
of its increasingly commoditized 
spinning parts, continues to 
drive costs of storage “solutions” 
skyward for virtually every 
storage consumer. This trend 
was confirmed several years ago 
by a former CEO with EMC 
Corporation, who said there was 
virtually no difference between 
his company’s products and those 
of his closest competitor: “At the 
end of the day, we are both selling 


a box of Seagate hard drives.” The 
only remaining differentiator (and 
what accounted for the sticker 
shock associated with his (and 
everyone else’s high end arrays) 
was software. 

Vendors increasingly price their 
gear based on software-based 
features added to improve the 
performance, resiliency or security 
of their box of disk drives. These 
features may include special RAID 
capabilities, internal point-in-time 
mirroring capabilities, special 
cache memory designs and caching 
algorithms, synchronous and 
asynchronous cross-array mirroring 
capabilities, support for a number 
of connectivity options, and other 
“intelligence” enhancements. 

While vendor marketing 
materials cast these features as 
“key differentiators” of their 
products and as sources of 
important business value to the 
consumer, such enhancements 
also serve vendor self-interests. 
The “intelligence” in intelligent 
storage subsystems helps to extract 
a higher profit margin for vendors 
and their resellers — special 
features to lock consumers into 
purchasing technology only 
from that vendor, or its cadre 
of partners. And perhaps most 
importantly, enhancements enable 
vendors to argue their platforms 
cannot be effectively compared 
to competitor platforms on an 
“apples-to-apples basis.” 

Platform diversity is thus a two- 
edged sword. On the one hand, it 
provides a rich set of options from 
which to choose a business data 
storage solution. On the other, it 
exacerbates the problem of making 
an effective choice from among 
several options, and may well 
increase the likelihood of making a 
poor one. 





What is missing in the storage 
world is an objective standards- 
based testing capability — an 
Underwriters Testing Laboratory 

that can certify the performance 
of a given platform in terms that 
are meaningful to business and IT 
planners. In the absence of such 
test data, there is no convenient 
way to compare the costs and 
benefits of the status quo storage 
infrastructure with a modified 
infrastructure using the proposed 
products of a vendor. In addition, 
without comparative data, there 
is no way to predict Return on 
Investment, payback intervals, o1 
total cost of ownership differentials 
with any degree of certainty. 

Vendors have only recently 
begun to work on defining 
standard metrics to be reported 
by their equipment to facilitate 
effective performance monitoring 
— a prerequisite for true utility 
storage. Freidman notes a 
primordial effort is underway 
within the Storage Networking 
Industry Association (SNIA) 
to define standards-based 
performance metrics. In addition, 
organizations such as the non- 
profit Standard Performance 
Evaluation Corporation (SPEC) 
and the Storage Performance 
Council (SPC), have sought to 
create benchmarks to describe 
storage equipment performance. 
SPEC, with its SPECsfs 
benchmark, focuses primarily 
on Network File System (NFS)- 
mounted disk (NAS and server- 
attached storage accessed via the 
NFS protocol), while SPC has 
emphasized block-based protocol 
access and the performance of 
hardware under certain types 
of application loads (mostly 
messaging systems). 

These approaches have value as 
a means for comparing the storage 


solutions of different vendors 
under a common, pre-defined, set 
of criteria. Also important is the 
methodology for conducting tests 
is well-defined by these groups 

and must be observed to the letter 
by any vendor seeking to have its 
results “certified” by the brokers of 
the test specification. On the other 
hand, both SPEC and SPC tests fall 
prey to two key problems endemic 
to virtually all benchmarking 
regimens. 

For one, the benchmarks test 
specific workloads under rarified 
conditions. SPC, for example, tests 
reads and writes sequentially and 
at random using a well-defined 
application workload that simulates 
a specific messaging application 
such as Exchange or Lotus Notes. 
The test results are only valid 
insofar as they mirror the real 
world application and workload 
that a consumer might have in his 
or her own shop. If the consumer 
is operating an application other 
than the one characterized in the 
SPC benchmark, the results of SPC 
testing may have limited utility. 

The other problem is benchmark 
testing leads inevitably to what 
industry insiders call “benchmark 
engineering.” The latter amounts 
to the practice of tuning test gear 
to deliver great results under a 
particular benchmark testing 
regimen, but in a way that would 
not be done in a real world 
deployment. SPEC provides 
hints for improving benchmark 
results, such as increasing 
memory resources for file systems 
and inodes, using non-volatile 
RAM to spoof write requests, 
or segmenting LANs to reduce 
bandwidth saturation. All are cited 
as means to an end: a glorious 
benchmark result — though not 
necessarily replicable in the real 
world. 

Taken together, these problems 


limit the efficacy of benchmark 
results as a guide to solution 
selection. Moreover, whether 
limited by test design constraints 
or benchmark engineering, 
benchmarks have yet to earn the 
trust of many consumers. 


Viewed from the standpoint of 
information utility or efficacy, a 
taxonomy (Figure 1) of testing 
methods and data can be 
discerned. 


Standards-Based Testiing 
Under “Real World” Workload 


Integration/Interoperability 
Testing 


Connectivity Testing 


Component Burn-in 
Testing 


Vendor Neutral 
Benchmark Testing 


UOIJEUIOJUY 4O ApH /ADeIIZ 


Vendor-Supplied 
Performance Data 


Figure 1: A Simple Taxonomy of Test Data 


arranged by Decision-Making Efficacy 


As shown in Figure 1, vendor- 
supplied performance data, 
delivered without reference to 
specifications or methodology 
is the least useful in discerning 
the value or appropriateness of a 
technology to a specific application. 
This goes for test results from 





research and analysis shops as 

well — especially where testing has 
been commissioned by the vendor, 
and the results posted by the 

R&A organization do not describe 
specific testing criteria or standards. 

Vendor-neutral testing by 
organizations, such as SPEC or 
SPC, has the added value of 
requiring vendor conformance 
to a specific methodology and 
workload description. However, 
these test results may have limited 
utility owing to the characteristics 
of the workload and the use of 
benchmark engineering by the 
vendor. 

Component burn-in is an 
essential test to ensure storage 
devices have not been damaged 
during shipment. Connectivity 
tests ensure devices will plug into 
one another and recognize each 
other’s existence. 

Interoperability tests are 
critically important, as they 
demonstrate the higher level 
interoperation of devices in 
fulfillment of a specific task or 
function. Standards for Fibre 
Channel switch interoperability, 
for example, have sufficient 
“wiggle room” to enable multiple 
vendors to develop switches that 
will not work together in the 
same fabric despite the fact each 
switch is fully standards-compliant. 
Interoperability testing is what 
must be done in the absence of 
airtight standards. 

Integration testing is part of 
interoperability testing and is 
performed to ensure higher order 
functionality, above the level of 
I/O transport, can be accomplished 
using the newly-designed storage 
infrastructure. Data replication 
processes, storage virtualization 
processes, backup and restore 
processes, capacity allocation 
and deallocation processes, and 
a host of other data management 


processes need to be tested 
across the collective platform to 
confirm both these processes can 
be undertaken successfully on an 
individual basis and also in concert 
without conflict. For example, if a 
backup/restore software product 
from vendor A is not “aware” of 
a storage virtualization product 
from vendor B, the result may 
be restore processes that require 
an inordinate amount of time 
to complete (for example, a 
1Terrabyte dataset requiring over 
100 hours to complete). Integration 
testing needs to be conducted to 
ferret out any hidden functional 
limitations of the solution. 

Finally, the most useful type 
of information comes from 
standards-based testing conducted 
by the consumer using well- 
defined standards-based testing 
methodology and real-world 
workload. The closer the actual test 
bed comes to real life, the more 
accurate and informative the test 
results will be. 


Standards-based testing under 
real application workload requires 
significant effort. Not only must 
equipment be installed and 
subjected to component burn-in, 
connectivity and interoperability/ 
integration testing, it must then be 
connected to a surrogate workload 
generated to represent actual 
client/server traffic. 

For workload simulation, 
some storage testing experts 
recommend toolsets such as 
Mercury Interactive’s Performance 
Center. However, for the budget 
challenged, workload can be 
emulated in a variety of ways using 
various downloadable utilities, 
databases, and other drivers. At a 
minimum, you will need to know 
the block sizes of application data, 


read/write ratios associated with 
particular application data in your 
current environment, and distances 
between initiators and targets 

if data requests and responses 
traverse IP networks. 

Your local chapter of the 
Computer Measurement Group 
(CMG.org) may provide access 
to folks who know the tricks of 
the trade in workload simulation. 
You can also learn from studying 
the published specifications of 
SPEC and SPC: in essence, you 
will be customizing their tests of 
sequential and randomized reads 
and writes to reflect your own 
applications and their specific 
workloads. 

It is best to map out the test 
objectives before you perform 
the test so it can be repeated 
across multiple platforms and 
multiple applications. In forming 





objectives, performance language 
syntax may be of use. Performance 
language-based objectives describe 
conditions, tasks and standards for 
each test to be performed. 

¢ Condition — includes a list 
of all resources to be used in 
performing the test. These may 
include a qualified workload 
sample, HBA, switch and storage 
device type(s), an interconnect 
(wiring) description, and a 
summary of the performance 
measurement(s) to be taken and 
the means by which they will be 
measured. 

¢ Task — describes the test 
that will be undertaken, possibly 
adding a timeframe for the test and 
other execution parameters. 

e Standards — consists of a 
description of the criteria (typically 
from the RFP) that will be used to 
evaluate the test and its results. 

A simple example of a 
standards-based test objective 
stated in performance language is 
as follows: 

¢ Conditions - “Given a vendor 
XYZ network attached storage 
array loaded with 2 TB of file- 
based data of different block 
sizes, a workload simulation of 
200 end users referencing stored 
documents at random, a 100 BaseT 

ithernet network interconnect 
between the simulator and the 
NAS array, and a requirement to 
test and measure response time to 
randomized requests over a two 
hour timeframe using XYZ product 
for I/O roundtrip measurement,” 

e Task — “the tester will 
initiate the measurement tool and 
workload simulation, marking 
the start time, and shut down the 
simulation and measurement tool 
after 120 minutes of operation, 
and generate a test report totaling 
average random access times” 

e Standard — “that conforms 
to the standard format set forth 


for comparative testing in the 
requirements specification 
document.” 

While performance language- 
based test specifications might 
sound a bit stilted, the structure 
provides an effective way to 
capture the details of a test so it 
can be used and reused to provide 
the basis for apples-to-apples 
comparisons between different 
products. Ideally, testing objectives 
should derive from a requirements 
specification document often 
created in conjunction with 
a Request for Proposal. 

Such a linking of documents 

— requirements specification to 
RFP to test reports — provides 

a convenient way to compare 
performance metrics gleaned from 
testing with vendor-promised 
performance. 

Taken together, the performance 
language objectives comprise a 
testing methodology that can be 
applied to the comparison of two 
or more storage infrastructure 
alternatives. Objectives can be 
formulated to provide discrete or 
isolated tests of storage software 
components or specific storage 
networking devices (such as 
different Fibre Channel switches) 
operating across an otherwise 
static storage infrastructure. 

The technique is very flexible 
and requires of planners only that 
they know 1) what comprises the 
real world workload associated 
with a specific application, 2) 
what kinds of test results would 
be relevant or useful to advise 
decisions, and 3) what kind of test 
can provide the desired results 
in the most expedient and cost- 
effective manner. 


Like dental flossing, storage 
performance testing is something 
everyone ought to do but 


most tend to avoid. Even in IT 
departments where test facilities 
continue to exist, the amount of 
actual testing prior to acquisition 
tends to be minimal. In the 
final analysis, conducting pre- 
deployment tests and publishing 
results would go a long way toward 
improving storage acquisition 
decision-making. 

Perhaps more importantly 
in the current “do more with 
less” business climate is the 
role of testing in validating the 
business value case presented 
to management to support 
a technology acquisition. 
IT professionals must frame 
acquisition requests in business 
terms: an expected cost-savings 
accrued to a proposed acquisition 
will offset its acquisition price 
within X months (payback), or 
an investment in this technology 
will deliver an internal rate of 
return based on cost savings, 
risk reduction or new business 
enablement of a certain percent 
over a specified period of months 
(ROI). None of these assertions 
can be made with confidence in 
the absence of performance data 
derived from testing that compares 
the current infrastructure with the 
infrastructure enhanced with the 
proposed technology 

One last point to keep in mind 
about testing: performance is 
only one criterion to consider 
when making intelligent storage 
technology acquisitions. In 
many cases, certain features and 
functions such as management or 
data protection, not to mention 
price, may also factor prominently 
in decision-making. However, 
effective performance-based 
testing remains the only chance 
you have of getting what you pay 
for in storage technology. 





reserved. 


where information lives 


) 2004 EMC Corporation. All rig 


ademarks of EMC Corporation. ¢ 


Fr: can’t afford to 


To: can’t afford not to 


EMC CLARiiON® CHANGES THE WAY YOU THINK ABOUT STORA Frugal ts the 

this invention. Introducing the new CLARION CX series. The storage solution that offers more performance 
every level. More functionality. And more networking flexibility for SAN or NAS. So you can do more than you~ 
ever thought possible. At a price you thought was impossible. CLARION models start under $10,000 

and grow with you. To learn more, visit www.EMC.com/growthcompanies. Or call 1-866-464-7381. 


Find an authorized EMC Velocity? Partner at www.EMC.com/velocity. 





www.computerworld.com 


Moon is also one of the few CIOs who sits on the 
board of directors of Global Healthcare Exchange 
LLC, the health care industry’s largest online busi- 
ness-to-business exchange [QuickLink 44038]. Baxter 
is an equity stakeholder, along with competitors 
Johnson & Johnson, Medtronic Inc. and GE Medical 
Systems. This year, the exchange is projected to 
process transactions valued at more than $3.5 billion. 
The exchange’s key goal is to leverage the Internet 
and electronic ordering to reduce supply chain costs, 
which represent a hospital’s second largest expense 
after personnel costs, Moon says. 

As for how the CIO’s role is changing, Moon sums 
it up this way: “We've lost the luxury of just focusing 
on a few things.” Today’s CIO is just as likely to be 
involved in merger and acquisition discussions and 
new-product development meetings as the chief fi- 
nancial officer or chief operating officer, he says. 

“The old CIO would be responsible for connecting 
the systems of an acquired company,” Moon says. 
“Today, CIOs are being asked to help govern those 
new organizations.” 


EFFICIENCY EXPERT 


In addition to 250 IT professionals, a $55 million an- 
nual IT budget and all technology and network oper- 
ations at William Beaumont Hospital in Royal Oak, 
Mich., Paul Peabody is directly responsible for $1.5 
billion per year in patient billings and 325 accounting 
workers who previously reported to the corporate 
controller of the 1,000-bed hospital. “We’re going to 
make some very big changes as we 
implement new revenue systems, so it 
makes a lot of sense for me to have 
responsibility for both areas,” says 
Peabody, who has held the hospital’s 
CIO post for 24 years. “Most hospitals 
are 2% to 5% inefficient in realizing 
the full revenue due to them. Billing 
in health care is very difficult with so 
many rules. You really need good sys- 
tems to do it right.” 

Hospital officials learned firsthand 
the value of tightly linking the CIO to 
business process changes in 1999, 
when the hospital implemented new 
financial systems with an eye toward 
reducing supply chain complexities 
and costs. Peabody, who led the proj- 
ect, hired several industrial engineers to work with 
IT to identify and streamline each step in the compli- 
cated supply chain process before configuring soft- 
ware the hospital had purchased from Oracle Corp. 

Among other things, they had suppliers deliver 
goods directly to nursing stations, allowing the hos- 
pital to eliminate its warehouse. Beaumont also 
signed on with a group purchasing organization to 
electronically handle orders with smaller and spe- 
cialty suppliers still using costly and time-consuming 
manual ordering processes. Together, these and oth- 
er changes have so far yielded savings of close to 
$25 million; Peabody says he believes he can boost 
that figure to $20 million to $30 million annually. 


Reet iced glee) 
analysis and change 


A EVO lamer 
= New product development 


Project management 
Ciesla ae 


Beye me Cree a 
receivable 


MANAGEMENT 


| “That’s the kind of reduction in expenses that can re- 
| ally improve your bottom line,” he says. 

Peabody has since added eight industrial engineers 
to the hospital’s permanent IT staff and placed them 
on every IT project. “We look at our processes, best 
practices, then do a gap analysis before making any 
changes” to processes or systems, he says. 

The role of IT and today’s CIO is that of a “change 
agent,” says Peabody, who reports to the hospital’s 
COO. “Our job is to understand how something 
works and make it operate more efficiently, and our 
responsibility is directly to the bottom line.” 


ENTREPRENEUR 


Goodman joined Louisville, Ky.-based Humana in 
1999 as senior vice president and CIO. In 2002, his 
title was changed to chief service and information 
officer and his responsibilities grew to include all 
of IT plus virtually all administrative operations, 
from billing and enrollment to provider affairs and 
quality management. 

“One of the biggest opportunities for leveraging IT 
in a company like ours is to make the clerical opera- 
tions more efficient,” says Goodman, who reports di- 
rectly to the CEO. “Having total responsibility for 
those dollars plus IT puts you on both ends of the 
equation.” 

In his expanded role, Goodman has been the 
driving force behind a unique joint venture with a 
direct competitor, Blue Cross and Blue Shield of 
Florida Inc. Together, the companies set up Availity 
LLC, which offers an Internet portal 
that enables health care providers to 
use a single online system — free of 
charge — to file for reimbursements 
from multiple insurers. 

Since its launch in February 2002, 
the portal has registered more than 
25,000 physicians at 9,500 health care 
practices and 208 hospitals in Florida. 
It processes about 3 million transac- 
tions a month. In the past two years, 
Availity has added Aetna Inc., Cigna 
Corp. and several local and regional 
insurers to its online claims-process- 
ing service. 

One of Goodman’s other nontradi- 
tional CIO roles is that of external 
salesman. Because of what he calls “a 
| story of IT enablement around the changing model 
of health care,” he is often the best person to explain 
Humana’s unique offerings, which include a set of 
| software wizards to help companies and employees 
choose the health plans that best suit them. 

“I also present to investment analysts, covering 
what’s happening with IT and our operations, and I 
get involved in government affairs, promoting legis- 
lation that will streamline costs to all stakeholders in 
health care,” Goodman adds. 

The bottom line: “Yes, the CIO role is definitely 
expanding,” he says. “It has to because so much of 
our operating model depends on IT to enable it.” 


@ 45635 








COMPUTERWORLD April 5, 2004 33 : 


CiOs EMERGE AS 
CHIEF PROCESS 
OFFICERS 


Studying and streamlining each 
and every move a company makes 
en route to the bottom line is be- 
coming a bigger part of the Cl0’s 
job description. 

Jeff Campbell, CiO at The 
Burlington Northern and Santa Fe 
Railroad Co., is in the midst of a 
major non-IT project to re-engineer 
how the railroad uses its 33,000 
miles of track to move freight. The 
goal, he says, is to improve veloci- 
ty, increase revenue and reduce 
costs. Before that, Campbell led 
the project to re-engineer and 
reduce the costs 
involved with 
BNSF’s procure- 
ment process. 

At Juniper Net- 
works, CIO Kim 
Perdikou just 
kicked off a major 
business-process 
analysis project 
focused on the thousands of cross- 
functional steps involved in the 
customer, partner and employee 
life cycles. 

At Baxter international, CIO 
John Moon led the effort to estab- 
lish a standard process for inte- 
grating newly acquired companies 
into Baxter. The health care com- 
pany typically acquires three or 
four companies per year. 

“It used to be that each acquisi- 
tion was a single and unique 
event,” Moon says. “Now we've 
developed a standard process for 
due diligence and evaluating [po- 
tential] acquisitions.” Once a target 
company is acquired, Baxter also 
has a documented and repeatable 
60-day plan for integrating new 
employees and sites into its voice 
mail, e-mail and human resources 
systems. 

“One of IT’s core strengths is a 
real systematic, process orienta- 
tion,” Moon notes, adding that 
“companies are beginning to see 
how extensively that can be lever- 
aged to gain efficiencies outside of 
pure technology.” 

- Julia King 













34 


COMPUTERWORLD April 5 2004 





o Seat in the 
Boardroom 


AT A TIME WHEN corporations are in- 
creasingly reliant on technology, board- 
rooms are seriously deficient in IT 
knowledge and experience. Only 5% 
of the world’s largest companies have 
ClOs on their boards of directors, re- 
ports a study by communications con- 
sultancy Burson-Marsteller in New York. 
The study analyzes all Fortune Global 
500 companies that release board- 
member biographical information. Only 
15 of these 313 companies have ClOs 
on their boards, and they're often companies : 
with headquarters in Europe or Asia. : 
“Most of the world’s largest companies are : 
not receiving board-level strategic advice on 
how technology can address current and fu- 


Best Bits 

The most useful parts of recent business 
and IT management books: 

THE BOOK: Blissful Data, by Margaret Y. 
Chu (Amacom, 2004). 

— I doubt the term 
blissful data will 
catchon—some- | 
how I imagine chads 
floating dreamily in 

_$wirls of marijuana 
moke — but Chu 
defines it as accu- 
rate, meaningful 
data that’s accessible to all employees. 
Sort of a data nirvana. 

For a general business audience, this 
easygoing book does a good job of ex- 
plaining data marts, data warehouses, 
business rules, metadata, data model- 
ing and integration. 

One of the most useful sections 
deals not with blissful data but with 
“dirty” data, defined as “incomplete, 
invalid or inaccurate” data values. If 
you're fighting the data quality battle 














ture business problems,” laments Heidi Sin- 
clair, chairman of Burson-Marsteller’s global 
technology practice. 

Companies with current or former ClOs 
on their boards include Canon Inc., Delphi 


in your organization, show business 
managers Chapter 4 for the discussion 
of how contradictory data, inconsistent 
naming conventions and cryptic codes 
can foul up any data warehouse and 
produce bad business decisions. Chu 
also points out that company politics 
play a major role, because “people tend 
to hide their dirty data problems, are 
reluctant to share data and are ready to 
blame others for dirty data issues.” 

— Mitch Betts 


Things to Ponder 


® Ina Gartner Inc. weblog, analyst Rich 
Mogull points out that the Sarbanes-Oxley 
Act doesn’t regulate corporate intelligence; 
it merely regulates internal controls 
and financial reporting. “Companies 
can take as much risk as they want, 
make as many poor decisions as they 
want and lose as much money as they 
want,” he says. “They just have to re- 
port exactly how much they’re losing 
in enough time for shareholders to 
know that management is making 
dumb mistakes.” 


MANAGEMENT 





Corp., DuPont Co., Gap Inc., GUS 
PLC, Mitsubishi Corp., Philips Elec- 
tronics NV, Sharp Corp., Tesco PLC 
and Wal-Mart Stores Inc., according 
to the study. 

Analysis of the 15 companies with 
CIO board members shows that after 
the appointment of an IT-related di- 
rector, these companies delivered 
annual returns 6.4% above industry 
averages. The financial gains can be 
attributed to many factors, but the 
study suggests that superior com- 
panies benefit from having an IT- 
savvy director. 

“In their search for directors,” 


: Sinclair concludes, “forward-thinking boards 
+ need to look beyond extraordinary financial, 
= managerial and legal experience and give 

: equal weight to technology experience.” 


- Mitch Betts 


= Companies with world-class payroll oper- 
ations can cut payroll costs per employee by 
up to 70%, according to research by 
The Hackett Group, a unit of Answer- 
think Inc. The key is adopting best 
practices such as reducing the number 
of pay and time codes and simplifying 
processes by eliminating unnecessary 
layers of review. 


Shi Me UeCR mei eereel ect 
highest in.online customer respect, 
ieee ee ) Art MOL MIEN T tC) oe 
spect for privacy, responsiveness and 
other metrics. 


THU Pareles 
Minnesota Life Insurance Co. 
pve eM Cee leet) on tom 
Liberty Mutual Insurance Corp. 








Pacific Life Corp. 
SOURCE: THE CUSTOMER RESPECT GROUP INC 
BELLEVUE, WASH., FEBRUARY 2004 
GOT ANY BRIGHT IDEAS? Send them to 


pitches@computerworld.com. 





Pee erreceseceseeseseseeseeeeeees 


www.computerworld.com 













Se oa er a 
r 


et be ame 


a es 


Sailaiee treet 









THE RIGHT PIECE | 


BRINGS IT ALL 
Bec aise 


Imagine giving 

your applications 
optimal performance 
Ome) Ley asl ee 


Thanks to the blade server. platform, you've 
reduced everything—server size, space, cables, 
management overhead and most importantly, 
costs. But then you realize that even when 
consolidated, the new server platform still has 
to meet the same demands: it has to be highly 
available, secure, scalable and completely 
reliable in its performance. 

How do you meet those demands without 
sacrificing all you've just gained? F5's BIG-IP® 
Blade Controller software provides traffic 
management that virtualizes and load balances 
the blade server environment. Now you can pool 
blades and concentrate their power, route traffic 
to those that are performing well, and manage 
them as a single entity. And with BIG=IP Blade 
Controller loaded directly onto blade servers, 
you're guaranteed to achieve the high 
availability performance it takes to reliably 
deliver applications. 


Give your imagination free reign and your 
bottom line room to grow. 

Visit www.f5.com/becw to learn more and 
experience a flash demo. Or call 800-916-7185. 





CONTROL YOUR WORLD 





Kan 
ors] 


; 36 COMPUTERWORLD April 5, 2004 


MANAGEMENT 


ULE CSS9 citeourchg'simpacton IT jobs. 


@ IF IBM PLANS to add 5,000 jobs in the 
U.S. this year but move 3,000 U.S. jobs off- 
shore, that still means 2,000 new domestic 
jobs. Right? Not exactly, according to The 
Wall Street Journal, which points out that 


IBM's U.S. outsourcing activities, which typ- 


ically include hiring computer professionals 
from client companies such as J.P. Morgan 
Chase & Co. and Fluor Corp., work to blur 
the math. “Often, IBM ends up laying off 
some of the workers it hires from [U.S.- 
based] outsourcing clients as it makes the 
acquired operations more efficient,” the 
Journal notes. Also, the transferred jobs 
aren't new IT jobs but instead represent a 
shift in employers. IBM says domestic out- 
sourcing currently brings in about $15 bil- 
lion a year, representing 17% of its revenue 
and much of its growth prospects. 





@ OUTSOURCING MAY BE at an all- 
time high, but IT professionals working 
for U.S. outsourcing companies may 


| also be facing a higher-than-average 


risk of job loss, according to Ravi 
Kalakota and Marcia Robinson, authors 


| of Offshore Outsourcing: Business 


Models, ROI and Best Practices (Mivar 
Press Inc., 2004). The reason: “Out- 
sourcing firms like Accenture, Conver- 
gys, IBM and HP are the most aggres- 
sive in migrating offshore. Expect to see 


| more outsourcing companies execute 


offshore outsourcing under the label of 
global or blended outsourcing. If you 


| work for any of these firms, you need to 


evaluate your job to see whether it’s a 
potential candidate for offshore substi- 


| tution,” the authors say. @ 45624 


Live! From Online! IT Training! 


BARRY KAUFMAN, chief tech- 
nology officer and founder of 
Intense School Inc. in Ft. Laud- 
erdale, Fla., says the future of 
technology training is online be- 
cause it's low-cost and “a step 
above classroom training.” Not 
surprisingly, then, his company 
has revamped and renamed its 
gram to take advantage of on- 
line, asynchronous education 
opportunities. 


| 
| 


variety of Microsoft products, 
Cisco technology, security sys- 
tems and voice over IP. Classes 
are broken up into 3.5-hour 
modules. Kaufman says each 
Class runs at least twice a week 
because “flexibility is key for 
training these days. You've 
got to be able to offer courses 
during the day, at night and on 
weekends.” 

sense for those on tight budgets, 
Kaufman says. “You're not pay- 


your training budget,” he says. 

The training includes a lab 
with multiple network segments 
that simulate various produc- 
tion environments. Students 
can quickly apply what they 
learn through online materials 
to walk through systems opera- 
tions on live systems. 

Training budgets may be 
crimped, Kaufman says, “but 
you can't sustain IT systems 
over time without training. You 
always need it.” 

~ Mark Hall 


Numbers Crunch 


skills since Jan. 1 


SOURCES: TCPmag.com and The Dice Report, 
March 2004 


AVERAGE 
DN COMPENSATION 


Insurance 
Fone = EE 
Computereiated RYT 


*Compensation includes base 
salary, bonus and stock options 


www.computerworld.com 


' Keys to Success 


What are the most critical 
factors for success over 
the next 12 months? 

Pe Retention of key workers 
ae Flexible business strategies 
BB Pertnering wath others 

ae Getting more from IT 

Se Increased available funding 
BASE: 387 CEOs of privately held, 

fast-growth U.S. companies 


SOURCE: PricewaterhouseCoopers, New York, 
March 2004 


ClO Tenure 


How long have you been 
in your current position? 


Fewer than 
three years 
ae 


10 or 
9% more 


fe years 


Between six 
and10 years 


SOURCE: C/O magazine, 2003-04 BASE: 539 heads of IT 


SR aime a ee 


AFebruary poll of 182 CEOs by Chief Executive 


MELE Val nem LO) is) 
January, the steepest decline 


Rete elite? 


cei 


, meanwhile, are more optimistic. Of 112 ClOs 
polled by Forrester Research Inc. in March, 


But don’t expect an uptick in IT hiring. Despite overall 


optimism, 


Between three 
and six years 
e@--- 





www.computerworld.com 


Gateway Names 
Lee Senior VP of IT 


Gateway Inc. announced its new 
senior management team follow- 
ing the completion of its acquisi- 
tion of eMachines Inc. in March 
and named Andy Lee senior vice 
president of IT. Lee was formerly 
CEO of Alorica Inc., a software 
outsourcer that worked closely 
with eMachines. Former eMa- 
chines CEO Wayne Inouye took 
over the roles of president and 
CEO from Gateway founder Ted 
Waitt, who will remain as chair- 
man at the PC vendor. 


Pierce Moves Up 
At Genentech 


Genentech Inc., a biotechnology 
company in South San Francisco, 
last week announced the promo- 
tion of Todd Pierce to vice presi- 
dent of corporate IT. Pierce, who 
has been managing the IT group, 
will also chair the IT Strategy 
Council at Genentech, a cross- 
functional team of executives that 
coordinates and sets direction for 
the company’s IT activities. 


Pentagon Unit 
Cited for Innovation 


The U.S. Department of Defense’s 
Defense Finance and Accounting 
Service won the fifth annual Ac- 
centure Ltd. and MIT Federal 
Government Innovator award for 
technology that delivers public- 
sector value. The prize recognized 
myPay, a Web-based system that 
provides payroll information to 
military personnel. 


Vendor Offers 
‘PMO in a Box’ 


Project Management Solutions 
Inc., a consulting, training and re- 
search firm in Havertown, Pa., 
has launched a new service to 
help companies quickly establish 
and maintain best practices in 
their project management offices. 
Depending on the needs of the 
customer, the PMO in a Box ser- 
vice may include people, proc- 
esses and technology. 





MANAGEMENT 


PAUL GLEN 


COMPUTERWORLD Ayril5, 2008 OT 


Selecting New 
Il Leaders 


NE OF THE great privileges and respon- 

sibilities of leadership is identifying and 

training the next generation of managers 

and leaders. Somewhere in between cri- 

sis management, contract negotiations, 
internal politics, status monitoring and your myriad 
other tasks, you should spend a few moments consid- 
ering the future leadership of your organization. 


Figuring out who has the 
potential to become a great 
leader or middle manager 
of IT is difficult. Given that 
leadership is one of those 
things that most of us can 
identify when it’s put be- 
fore us but find difficult to 
describe, it often seems im- 
possible to predict an indi- 
vidual’s prospects. 
There are traits that can 
be predictors of success. 
But before we dive into 
what to look for, let’s put to 
rest a few of the commonly 
used criteria that haven’t 
yielded stellar results. 
Education. Lots of great 
business leaders have put : 
in time in MBA programs, but even a 
degree from Harvard or the Kellogg 
School (my alma mater) doesn’t guar- 
antee the right stuff. While important, 
understanding the mechanics and sub- 
tleties of business doesn’t necessarily 
translate into leadership success. 
Tech smarts. As believers in meritoc- 
racy, we’re drawn to the idea that the 
person who best understands what’s 
going on technically is best qualified 
to be in charge. Unfortunately, the 
skills needed in a leadership role are 
different from technical savvy — and 
often don’t reside in one person. 
Bossiness. The natural desire to be 
in charge doesn’t necessarily predict 
whether someone will be a good 





leader in a technical envi- 
ronment. The hierarchical 
top-down approach tends 
to be fragile when it comes 
to creative work. Those 
with the built-in desire to 
command frequently run 
smack into the brick wall 
of technical staff intelli- 
gence and intransigence. 
So, which traits are bet- 
ter predictors of who will 
make great leaders? 
Emotional flexibility. We 
talk a lot about being a 
good leader, but what 
about becoming one? 
Great leaders start out 
somewhere else and have 
to move into leadership 
roles. Becoming a leader poses transi- 
tional challenges that can be met only 
with emotional flexibility. One of the 


| great challenges for a new manager is 


to transform his view of himself, to 
change how he measures himself and 
his success. Early life and career work 
is judged by personal productivity. In 
school, we’re judged by the quality 
and quantity of our papers, tests and 
quizzes. Young workers are judged by 
the quality, quantity and speed of task 
completion. Our self-images become 


| tied to our personal productivity. 


Moving into management requires a 
fundamental shift in how we view our- 
selves, a shift in the emotions about 
self and work. Leaders are judged not 





| by their personal productivity but by 


their effect on the productivity, morale 


| and effectiveness of others. Managers 


must be able to derive their personal 


| satisfaction from helping others be 


productive rather than being produc- 


| tive themselves. This is a difficult 


transformation that’s poorly under- 
stood and rarely discussed. 

The ability to adopt a new self- 
image is critical to the transition into 
a successful leadership role. 

Comfort with ambiguity. Beyond mas- 


| tering their emotions, leaders must be 


able to cope with the chaos and confu- 
sion of reality. The world is a complex 


| place filled with facts, provisional 


facts, lies, opinions and emotions. A 


| large part of the leader’s role is to help 


interpret the turmoil and bring order, 


sense and meaning to daily work. Suc- 


cessful leaders must transform ambi- 
guity into clarity and create com- 
pelling narratives out of complexity. 

They also bring a high tolerance for 
the continuing existence of confusion. 
They’re able to hold contradictory 
ideas in their heads simultaneously 
without experiencing undue stress. 
Strong leaders aren’t impervious to 
new facts and information but are 
comfortable revising their interpreta- 
tions to meet changing times 

Ability to communicate. The ability to 
cope with ambiguity means nothing 
without the ability to communicate. If 
leaders and managers deliver value 
through their effect on others, commu- 
nication is their primary tool. Whether 
leaders communicate verbally, in writ- 
ing or through their actions, their abil- 
ity to connect with those they lead is 
of prime importance. 

Considering these “softer” skills can 
help you to ensure a successful future 
for your organization. @ 45727 


WANT OUR OPINION? 


For more columns and links to our archives, go to 
www.computerworld.com/opinions 








COMPUTERWORLD April 5, 2004 


MARKETPLACE 








Get Rid of the PC Box. 


The PC Box 


..or Not 


An entire PC inside a keyboard 


OPTIONS: 

Internal slim CDRW/DVD » Internal floppy * Internal fax modem * DVI (Digital Video) 
Parallel Port ¢ TV-Out (NTSC/PAL) ¢ Plastic Skin Protector ¢ LCD Displays: 15", 17", 
18" and 19" (touch screen available) * Wireless 802.11b/g available 


Runs all Microsoft™ Windows 98/2K/XP/NT operating systems. 

U. S. Patent Pending. © 2004, Cybernet Manufacturing, Inc. all rights reserved. The 
Cybernet logo and Zero-Footprint-PC are trademarks of Cybernet Manufacturing, Inc. 
intel, Intel Inside, Pentium, Celeron are trademarks, or registerec trademarks of Intel 
Corporation, or its subsidiaries in the United States and other countries. All other regis- 
tered trademarks are property of their respective owners. Prices and specifications are 
subject to change without notice. All prices are excluding tax and shipping. *Monitor 
not included. 


Save Space. 


As an I.T. Manager, your greatest challenge could 
be where to put that big PC BOX! Cybernet has 
created an innovative, all-in-one, Zero-Footprint-PC. 
The entire PC fits inside a normal size keyboard! 
This design has helped many businesses nationwide 
to save valuable space. 


STANDARD FEATURES: 
¢ Intel® Pentium® 4 Processor up to 2.80GHz/533 FSB 
* 128MB DDR333 SDRAM up to 2GB 
40GB IDE 7200 RPM hard drive, up to any size 
10/100 Ethernet, 4 USB 2.0, 2 IEEE1394 Firewire, 2 Serial Ports 
© 2-Year Limited Warranty 
All these features are inside the keyboard! 


As low as $475* 


CYBERNET™ 


Space Saving Technology 


Ss} 
For produt specs and model options vst us at WWW. cybernetman.com, 
or calt TOLL FREE 888-834-4577 international 949-477-0300 








www.computerworld.com 





IT EDUCATION, TRAINING & CERTIFICATION 


Advertising Supplement 


IT Careers: Education and Training 


Mics folks are working so hard that there's little 
time to think about adding any more to their 
schedule. However, adding learning and capabilities 
has long been the recipe for maintaining marketability 
among IT professionals. 


That's changing somewhat as U.S. companies are 
looking for more than certifications du jour. They 
demand a more complex blend of skills. The result is 
surging enrollment for specific courses in 
undergraduate and graduate degree programs. It also 
has meant a boon to companies such as eCollege, 


Gets job advice from the newspaper. 


which provides online education resources for post- 
secondary institutions and businesses. The company 
estimates that enrollments using its eLearning 
capability will total 1.2 million in 2004 including 
close to half a million distance enrollments. 


Ken Sardoni, college campus chairman for technology 
programs at the Utah campus of the University of 
Phoenix, says the important consideration is to 
pursue additional skills and learning that can’t be 
sent offshore. The detail skills — coding and 
implementation — can. 


“We encourage students to look at six technical 
areas in general -— networking, database 
development and analysis, programming, web design 
and business systems analysis,” says Sardoni, who 
worked for 13 years at Oracle before going into 
education. “When you find a piece of technology you 
like, such as database or networking, then you go 
deeper. And you need to understand the business 
processes so that you can apply technology point to 
point through the whole value chain of a business. 
That's something that cannot be outsourced.” 


University of Phoenix, which now enrolls more than 
200,000 degree-seeking students through a 
combination of classroom and distance learning 
capabilities, has seen the most demand for IT 
professionals who have business acumen in health 
care, biosciences, insurance and financial services. 
“The other (category), interestingly, is in education. 
The development of online classes, simulations, 


= 


me'Stort os early 


classroom augmentation and even publishing of 
materials rests on information technology. In July 
(2003) we had more than 600,000 downloads from 
our electronic library to support student research. 
Technology is allowing us to move into smaller 
markets with a blend of campus and online 
instruction, reaching people who have not been 
reached before.” 


Laurie Jadick, vice president of human resources for 
IT services company Cognizant, said companies must 
change too, providing a more creative venue for 
learning and timing of that learning. “People will give 
up personal time for learning when they see that it is 
relevant,” she says. Jadick also points to the need for 
interaction during learning, not just electronic 
learning. “We all need that energy level and 
interaction to get a bigger bang for the buck.” 


Jadick evaluates learning style as part of hiring 
criteria. “We want people who learn in an aggressive 
manner — who pull their chair up next to smart 
people and learn from them. We ask people not just 
what they know, but how they learned it.” 


For more information about IT Careers 
advertising, please contact: Nancy Percival 
Vice President, Recruitment Advertising 
800.762.2977 

500 Old Connecticut Path 

Framingham, MA 01701 

Produced by Carole R. Hedden 


Scholarships 
Available!” 


Earn your degree — online! 


Use your IT experience or certification toward the completion of your degree. 


ae 


Flexible programs for busy adults: 
BS Computer Information Systems 


BS Information Technology - Network Management’ 
BS Information Technology - Project Management’ 
BS Information Technology - Security” 

BS Information Technology - Software Development” 
BS Business - IT Management 

AS Information Technology 


* Your certification may waive some degree requirements. 


Online. Accelerated. Affordable. Accredited. § 


Goes to Dice.com first for complete tech career guidance. 


Only tech jobs * Career guidance 
Salary info + Daily job notification 
Training & certification 


Regionally accredited 
1-866-225-5948 


Federal financial aid available 
www.wgu.edu/IT 


Computerworld + InfoWorld + Network World + April 5, 2004 





Lae b nets es IT|careers.com 


JAVA DEVELOPER 


























IT PROFESSIONALS 















Computer Professionals 
(Multiple Openings) 


WEB DEVELOPMENT 
ANALYST Ill 


ADT Security Services, Inc. has 
multiple openings in Boca 
Raton, Florida for Web Develop- 
ment Analysts III 














Senior Consultant 


POSITION: Senior Consultant 
(Glen Mills, Pennsylvania and 
other locations through the U.S.). 
Provide consulting services for 
research, design, development, 
maintenance, testing & enhance- 
ment of software packages & 
standalone and web based appii- 












Analyze & dvip existing or pro- 
posed software appins. Dvip 
Java-based, server side compo- 
nents to meet client specified 
user reqmnts. Dvip, impimnt & 
improve progs, appins & related 
procedures to process data 
using in-depth knowledge of 












Software Engineer/Systems 
AnalystiDatabase Administra- 
tor/Network Administrator. 
Milwaukee, WI. 












Analyze business procedures 
and problems to develop specifi- 
cations and convert them to pro- 


Must have bachelors degree 
or equivalent and experience: 
in some of the following skills 
C/C++, Java, Web Methods, 





cations using Java and C++ as 
the programming language & 
accompanying J2EE technolo- 
gies including Java Serviets, JSP 
(Java server pages), Java Swing 
Classes, JDBC (Java database 
connectivity), JNI (Java Native 
Interface) and Rational Rose 
Administer UNIX (AIX) systems 
Windows NT servers, DB2 data- 
base & WebSphere applications 
server. Lead the development 
team in the design & develop- 
ment of applications, define the 
workflow & ensure deliverables 
are complied in a timely manner. 
Ensure compliance with quality 
assurance procedures & review 
of team's work. Facilitate the 
development of project propos- 
als. Transfer knowledge & skills 
to client personnel. Assist en- 
gagement managers in the for- 
mulation & definition of computer 
information systems scope & 
objectives through research & 
fact finding to develop or modify 
moderately complex information 
systems tailored to client's man- 
agement requirements. Select, 
customize & lead applications of 
tools & methodologies to meet 
proposals & engagements: 
needs 




































WAGE: $77,020/year 
Hours worked: Monday-Friday 
9:00am-5:00pm 


MINIMUM REQUIREMENTS 
Bachelor's degree or equivaient 
in Computer Science, Engineer- 
ing (any type), Math, Business 
Administration or Information 
Systems + 4 years exp. in the job 
offered or 4 years exp. as a Sen- 
ior Consultant, Consultant, De- 
veloper, Software Engineer, Sys- 
tems Administrator. Related ex- 
perience must include develop- 
ment, design, testing and main- 
tenance of software packages 
and web-based applications us- 
ing Java Serviets, JSP, Java 
Swing Classes, JDBC, JNI and 
Rational Rose; Administration of 
UNIX (AIX) systems, Windows 
NT servers, DB2 database and 
WebSphere application server: 
and at least one year working 
within the public sector. Employ- 
er will deem foreign educational 
credentials evaluated by an eval- 
uation service to be the equiva- 
lent of a U.S. degree. 

























































































Please send your resume, refer- 
encing Job Order Number! 
WEB404652 to the 

Philadelphia NW Careerlink, FLC: 
Unit 235, W. Chelten Ave 
Philadelphia, PA 19144. EOE 









Computers - Software Develop- 
ers needed. Seeking qual. can- 
didates possessing BS or equiv. 
& rel. work exp. Part of the req 
rel. exp. must include 1 yr. work- 
ing with J2EE, Weblogic & 
Websphere Application Servers 
Exp. designing complex web 
based systems w/complex serv- 
er side framework & the mort- 
gage process preferred. Fwd. 
resume & ref. to Palisades 
Technology Partners, Attn: HR, 
440 Sylvan Ave., #210, 
Englewood Cliffs, NJ 07632 


Lead Developer - Boca Raton, 
FL: Design & develop packaged 
& system software. Propose & 
implement software enhance- 
ments to meet production 
schedule. Analyze, develop & 
implement aigorithms. Test & 
solve technical issues. Must 
have BS/BA or foreign degree 
equiv. in Computer Science; 2-yr! 
exp. in job or 2-yr exp. as 
Developer. Must have exp. in 
VC++, SQL, C++, IIS, ASP, 
DMO, ADO, HTML, DCOM, 
MTS, ATL, Windows NT & UNIX 
F/T 40/wk, Qam-5pm M-F. 
Comp. $60K/yr. Resumes to: 
HR, Software FX, inc. 5200 
Town Center Circle, Tower 1 - 
#450, Boca Raton, FL 33486 


































software dvipmnt life cycle 


include: (1) Prog. Langs: Java, 
EJB & Swing; (2) Dbases 
Oracle or DB2; (3) Appins: 


Apache; (4) Operating Sys. must 
include at least 1 from A & 1 
from B: (A) Sun Unix, HP Unix 
or AIX, & (B) Windows NT or 
Windows 2000. 40 hrs/wk, 8am 
- 5pm, $66,730/yr. Qualified 
applicants please submit 
resume to Manager, 
Washington County Tear PA 
CareerLink, Milicraft Center, 
Suite 150LL, 90 West Chestnut 
Street, Washington, PA 15301- 
4517. Please refer to Job Order 
No. WEB 403666. 


SYNAPSE GROUP, INC., a 
leading computerized magazine 
marketing company is looking to) 
hire a qualified BUSINESS 
DEVELOPMENT ANALYST to 
research potential markets; ana- 
lyze statistical data to forecast 
future marketing trends; initiate 
and produce timely and accu- 
rate reports/analysis to improve 
business results; and to develop: 
and maintain sales and account 
management reporting systems. 
Qualified applicants are required 
to possess at least a Bachelors 
degree in Business, Finance or 
related discipline. Strong PC 
skills and good financiai/ 
accounting background pre- 
ferred 


The company offers a competi- 
tive compensation/benefit pack- 
age and an environment where 
achievements are recognized & 
professional growth is encour- 
aged. Qualified applicants are 
encouraged to mail resumes to 
Department of Human 
Resources, Synapse Group, 
Inc., Four High Ridge Park, 
Stamford, CT 06905. 





Software Engineers needed 
Seeking candidates possessing 
BS or equivalent and/or relevant 
work experience. Part of the req 
rel. work exp. must include 2 
years working with Oracle and 
HTML or 2 years working with 
Oracle and JBOSS. Duties’ 
include: Analyze, design, devel- 
op, enhance, and maintain appli- 
cations; Plan, test and docu- 
ment programs. Work with Java, 
J2EE, Weblogic. JBOSS, JSP, 
Oracle and HTML. Mail resume, 
references and salary require- 
ments to: Prudent Technologies, 
Inc., 8413 W. 145th Terrace, 
Overland Park, KS 66223. 


Instructor, Technical Train- 
ing - wanted by technical 
train. & consulting co. in 
Plantation, FL to dev. course 
curriculum & provide inst- 
ruction to Programming stu- 
dents in Visual C++, Micro 
soft .NET, Visual Basic, 
Compact framework & 
WinCE .NET. 4 yrs exp. 
req'd as instructor in listed 
skills. Send resume only to} 
HR - Technical Training 
instructor, 8211 W. Broward 
Bivd., Suite 210, Plantation, 
FL 33324. 

















Encode, test, debug & install 
operating progs & other appin 
software utilizing knowledge of 
Java prog. tools. Bach. degree 
(or equiv.) in Comp. Sci., Math, 
Engnrg, Bus. or Commerce + 2 
yrs exp. in position offered or as 
a Software Engnr, Prog. Analyst 
or Sys. Analyst reqd. Exp. must 


Websphere, Weblogic or 

















grammable form for electronic 
data processing. Confer with 
organizational units involved to 
determine specific web output 
requirements. Study existing 
data systems to evaluate effec- 
tiveness and develop new, or 
modify current, web systems to 
improve production workflow. 


















Must possess at least a bache- 
lor's or its equivalent in Com- 
puter Science or a related field, 
and relevant work experience. 
Experience must include J2EE 
Certification (Sun Microsystems, 
etc.); web development experi- 
ence, including Electronic Data 
Interchange (EDI); and experi- 
ence with Oracle, SQL, 
WebSphere Administration and 
XSLT. 


Resume and/or cover letter 
must reflect each requirement 
above and specify reference 
code WDA/SSS or it will be 
rejected 





Forward resume to Theresa 
Maia, ADT Security Services, 
inc., One Town Center Road, 
Boca Raton, FL 33486. 


Network Administrator Admi- 
nister, maintain, support & 
develop the school's databases 
& servers for finance, raisers 
edge, education, library, & other 
programs. Work in a Mac/ 
Windows environment, create 
and maintain firewalls, intrusion 
detection systems, web biocker, 
storage area networks, VPN's, 
WAN & LAN connectivity. 
Develop & implement Veritas 
Backup Exec recovery proce- 
dures inc. backups & recovery 
testing. Implement, maintain & 
support wireless routers, brid- 
ges, access points & wireless 
network (801.11b and 802.119) 
for School Buildings. Must have 
at least a Bachelors Degree or 
Foreign Equiv. in Eng. Or in a 
related field& 2 yrs. of exp. or 2 
yrs. of exp. in a related position 
wiability to use Visual Basic, 
Macintosh/Windows, Veritas 
Backup, VPN's & Storage Area 
Networks. 40 hrs./wk. 8 AM - 
5PM. Send resumes to HR-IT 
Mgr. Mt. Vernon Presbyterian 
School, 471 Mt. Vernon Hwy., 
Atlanta, GA 30328. 


Computers-Seeking qualified 
candidates for senior and mid- 
level IT professional positions 
including: Programmer Ana- 
lysts, Software Engineers, Net- 
work Administrators, Systems 
Analysts. Qualified candidates 
must possess MS/BS or equiv. 
and/or rel. work exp. Duties 
include: Work with 3 of the fol- 
lowing: SAP, ABAP, XML, 
Siebel, Oracle, C, C++, PL/ 
SQL, peopleSoft, Unix 
fesume & references to: 
Halcyon Solutions Inc., Attn 
HR, 950 Taylor Station Rd., 
#D, Columbus, OH 43230. 


Synergy has multiple openings; 
for IT professionals. Qualified 
applicants must have BS with 
substantial experience. Strong 
background in SAP, SQL, ERP, 
VB, TCP/IP Suite, Oracle is plus. 
Send resumes to hr@synergy- 
com.com. Travel is required for! 
some positions. Sponsor GC. 
EOE. No calls 


Golden Way Security is hiring IT 
professionals to handle software 
and computer issues in mort- 
gage areas inciuding web-based 
application design. BS with 
some experience are the mini- 
mum requirement. Please send 
resumes to 28125 W. Seven 
Mile Rd., Livonia, Mi 42152. 
EOE 


















































Cold Fusion, Microsoft Technol- 
ogies (Visual Basic, .NET, ASP) 
CRM (Siebel, Clarify, Vantive), 
Middle Ware Technologies 
(Orbix, Corba, Tibco, Vitria) Data 
Ware Housing Tools (Informati- 
ca, Data Stage, Abinitio, Busi- 





Strategy, Brio) ERP (SAP, 
People Soft, Oracle Apps, 
Baan), Mainframe (Cobol, CICS, 
JCL, VSAM) AS400, Ecom- 
merce, Databases (SQL Ser- 
ver/Oracle/DB2/Sybase), 
Microsoft Windows(95/98/NT/ 
2000,Exchange), UNIX (Sun 
Solaris, HP, AIX), Linux and QA\ 
(Win Runner, Load Runner, Silk, 
Quickpro, Manual Testing) 


Position requirement: Must be 
willing to travel and /or relo- 
cate per project specification 


Mail your resumes _ to 
j ik: i inc.com 


or 


Human Resource Director 
IK Solutions Inc 

1840 N. Farwell Ave 
Suite # 306 

Milwaukee, WI 53202 















Positions opening for (a) IT 
Instructor who must have M.S in 
C.S & 3 yrs exp in teaching 
instructor led courses and 
imparting technical training in 
Sun technologies like Arch- 
itecture of J2EE Applications, 
JAVA, Serviets, EJB, JSP, Point 
base, XML and Object Oriented 
programming. b) Senior Syst- 
ems Engineer who must have 
B.S in Computer Information 
Systems or equiv & 5 yrs experi- 
ence in File NET Products 
Installation, advanced System 
Support and Administration 
including Panagon IS, CS, 
Report Manager, eProcess and 
Client products like Capture and 
IDM with Web services. Should 
have hardware maintenance 
experience on File Net Juke- 
boxes, knowledge of Kofax 
product support will be required 
Please send resumes only to 
President, Guru Software 
Services, Inc., 12700 Century 
Drive, STE# B, Alpharetta, GA 
30004. identifying interested 
position(s). EOE 


Research Computer Services is 
seeking Software Engineers for 
various locations throughout the 
U.S. Current positions availiable 
in our Dayton, OH & Atlanta, GA 
offices. MS or equiv. and/or rel. 
work exp. Part of the req. rel 
work exp. must include 1 yr 
working w/ C/C++. Duties 
include: Design & develop appli- 
cation software; interface w/ 
customers & vendors; Trouble- 
shoot & provide product support, 
analysis, & resolution. Work w/ 
C/C++, .NET, & XML. Send res., 
ref., & sal. req. to resumes@ 
daytonres.com or fax to 937- 
445-5011. Please mention Job 
Code #DAY797 for Dayton or 
#ATL798 for Atlanta position. 


The 


right skills 


fuel 
the new 
economy. 


itcareers.com 





Computerworld + InfoWorld + Network World + April 5, 2004 


ness Objects, Cognos, Micro 













































































































Cy 


Siehne 
Computerworld, 
rld, and 
rork World, 
Help You Do A 
Better Job. 












































Now Let Us Help 
You Get On 


Check us out at: 
www.itcareers.com 


or call: 








‘Looking For 
nN 


New Career? 


The new 


itcareers.com 


CareersJournal.com 


combined 


jobs database 


can help you 


find one. 


Check us out! 


www.itcareers.com 


Makeetacracnooan 


— 
Sr. Software Developer: Design 


and develop client/server and 
web-based applications in open 
environment including designing 
and developing GU! and data- 
base, performance systems 
analysis and designing and 
developing and testing and 
installing custom software sys- 
tems. Analyze and design busi- 
ness processes through data 
modeling and process modeling 
Requires: Bachelors degree in 
Computer Science and five 
years experience in Software 
Development Demonstrated 
ability in C/C ++, Visual Basic. 
MFC, SQL, OLE, COM/DCOM 
HTML/DHTML, XML, ASP and 
VB Script. 40hrs/wk (9:00 a.m 
to 5:00 p.m.) $92,000.00/yr 
Send two resumes/responses 
to: Case Number 200203744 
Labor Exchange Office, 19 
Staniford Street, 1st Floor. 
Boston, MA 02114 


Programmer Analyst. Analyze 
reqmts, recommend dsgn, per- 
form data mapping, prgmg 
dvipmt & testing using Oracle 
Reports 6i, Oracle Forms 6i 
SQL, PL/SQL, SQL’*Loader 
Toad, Taviz Integration Adapter 
& Windows. Bachelors or equiv 
in Comp Sci/Engg Info 
Systems, Electrical, Electronics 
or related Engg. 1 yr exp in job 
offd or as IT/software prof! using 
above computer skills. 40hr/wk 
8a-5p Resume to Ultra 
Telecom, Inc, 1600 Cakbrook 
Dr, Ste 520, Norcross, GA 
30092 


Programmers & Software Engin- 
eers (Chicago, IL & Atlanta, GA) 
Analyze, design, develop, test & 
implement specialized apps. in 
(a) WebMethods Oracle Apps 
11i, Siebel, JD Edwards, Clarify 
& rel. tools; (b) HIPAA, Telecom, 
Banking Apps. in Mainframe 
Oracle, Java, SQL Server and 
rel. tech.; (c) Ariba Buyer 
ORMS, SAP, JD Edwards 
Mainframe / Mid-Range, Java 
Suite & rei. tools; (d) Java Suite, 
Rational Rose, MQ_ Series 
WebLogic, Jakarta Digester, 
UNIX Scripts, WebSphere, DB2 
LDAP Server & rel. tools. on 
Windows / Unix / Sun Solaris. 
Send resume to, HR, 906 Lacey 
Ave., Suite # 200, Lisle, IL 
60536. EOE 


Innovision Technology is ooking 
for system analysts and soft- 
ware/project engineers. Minim- 
um BS/MS with experience 
using Rational ClearCase/Clear- 
Quest Multisite and PVCS. Exp. 
in T! OMAP, Ti! TMS470 pre- 
ferred. Please send resumes to 
iti@innovisiontech.com. EOE 
No calls 


Enduenet is a company special- 
ized in developing medical re- 
cord software. It is looking for IT 
professionals with experience in 
this field. Qualified applicants 
must have BS/MS equivalent 
with skills in VB, C++, VC++, 
and OOAD. Please send resum- 
es to contact@enduenet.com 
EOE 


Software Engineer (Mobile 
Switch Interfaces) sought to per- 
form s/w prod design, sys analy- 
sis, & programming activities: 
write functional & design specs, 
prep prod sub-sys tech docs, 
conduct unit testing & integra- 
tion testing for new functionality 
& participate in prod design mtgs 
w/ sr team members; perf s/w 
defect verification, release test- 
ing, & beta supp for prods. Bach 
in CS, EE, or related req'd + 2 
yrs exp in SS7 for SCP. Forward 
2 resumes to Lightbridge, inc. 
320 Interlocken Pkwy, Broom- 
field, CO 80021, Attn: Pat 
Jensen. Job # 1465.0041 


Global Tek, Inc. has opportunities 

in Naperville, IL; Madison, WI & 

Fairfield, NJ areas for experi- 

enced Computer Professionals 

(multiple openings), w/relevant 

education & exper > in VB 
Peri, Erw C++ 
IPlanet 


Java Script 


prise Server. App! 
of Cold Fusion, D: 
informatica, E 
business 
warehousing 
RDBMS 

2EE, JSP. 

EJB, Weblogic 


40% t t 
40% travel to 


Programmers & Software 


Engineers 


Design/Develop 


Server side, 


apps 
tools suite. 

Server/Oracle Coldfusion 
COBOL, Data Dictionary/ Data 
Diagram, AS400 & rel. tools 
Attn: HR, 6962 Main St., Suite 


105, Woodstock, GA 30188 


Software Engineers needed 
Waltham, MA based coi y 
has postions available for quali- 
fied candidates possessing MS 
or equivalent with relevant work 
experience. Duties include 
Design, develop, implement 
customize software applic: 

for various business clients 
using 3 of the following: Sun 
Solaris, Weblogic, Unix, C, C++ 
VB, VC++, Java, .NET, EJB 
ASP, Crystal Reports, Win- 
Runner, Business Objects. 
Lotus Notes, IBM Websphere. 
Javaserviets Perl Corba 
HTMLU/XSL/XML, DHTML, COM/ 
DCOM, PL/SQL & Oracle/ 
Sybase databases. Mail resume 
to iconsoft inc. 751 Main Street 
Suite 9 Waltham, MA 02451 


Instructor, Graphic Design 
Teach classes in Graphic 
Design for bilingual use in 
Japanese and English. Prepare 
curriculum, conduct diagnostic 
tests & conduct classes in appl 
of Maya, Shake, Photoshop & 
Flash in graphic designing 
Administer tests & grade stu- 
dents. Provide counseling. Req 
Bachelors in Fine Arts/Multi- 
media Arts & Tech. & ability to 
tead and write Japanese & 
English. 40hrs/wk. Job/Iinter- 
view Site: LA, CA. Send resume 
to Studio Arts, Ltd. @ 570 W. 
Avenue 26, #425, LA, CA 


System Analyst. Perform com- 
puter system analysis & pro- 
gramming to meet client's 
requirements; develop interface 
using ASP & VBCOM; use Unix 
components including C++ ob- 
jects & Java classes with a 
Tomcat web server. |BM MQ on 
Unix is used communicate with 
backend systems using IBM MQ 
on Unix; design & develop COM. 
objects for validation for EAS 
provide authentication & security 
control. Req: Bachelor or equ 
(accept 3-yr college+PG diplo- 
ma or 2-yr exp as equ), 1-yr exp 
as Programmer or Analyst or !T 
Consultant. 40hrs/wk, 8-5pm, 
$47k/yr. Send resume to Job 
Order # 2004-324, PO Box 989. 
Concord, NH 03302-0989 


iT|careers 


ve been to those other human resources 
technology conferences. Same old stuff. 


Today, you need to learn more, not more of the same. 


TecHR World Is part of 


WORLD 


ee 


April 14-15, 2004 


New York Hilton Hotel & Towers, New York City 


is the one conference the 
HRMS pro MUST ATTEND in 2004! 
Miss this and you miss 


HROI 


the last train to the 


future of HR technology.” 


- Marc Pramuk, Program Manager 
HR Management & Staffing Services, |DC 


REGISTER TODAY FOR A 50% DISCOUNT! 
~ Register at www.techrworld.com with source code TECHR50 


Software Development Engineer 
- Design and develop software 
for serial bus testing instrument 
for MIL-STD-1553B and RS- 
232C systems. Design and 
develop enhancements for auto- 
mated test equipment operating 
environment software that inte- 
grates a number of other appli- 
cation development environ- 
ments. Use object-oriented 
design skills, C++ for coding 
knowledge of MIL-STD 1553B 
and TIA/EIA-232C bus proto- 
cols, VXiplug&piay specifica- 
tions and experience in XML 
DOM/SAX, Microsoft ATL/COM, 
Microsoft VisualStudio develop- 
ment environment, national 
instruments measurement stu- 
dio LabView, TestStand, and 
Agilent VeePro and TYX PAWS. 
Fix bugs and enhance products 
Requirements include a 
Master's degree or equivalent in 
Computer Science. an 
Engineering discipline or related 
field. No work experience 
required. Applicants must have 
unrestricted authorization to 
work in the United States. Salary 
$75,177/year. 40 hours/wk 
Respond with two copies of 
resume to Case #200203613 
Labor Exchange Office, 19 
Staniford St., 1st Fl., Boston, MA 
02114. 


Computer Programmer want- 
ed to convert project specifi- 
cations and statements of 
problems and procedures to 
detailed logical flow charts for 
coding into computer ian- 
guage and conduct quality 
check and related duties. BS 
in CS or related major and 
one year related experience 
required. Send resume to 
Gale Finance Human 
Resources, 1507 E. 53rd St., 
Suite #239, Chicago, IL, 
60615. No walk-in 


Multiple positions in Atlanta for 
Programmer/Analysts to ana- 
lyze, design, develop applis 
using C, JAVA with DB2, .NET, 
JavaScript, HTML/DHTML, EJB 
ASP.NET, C#, JSP, ASP, Serv- 
lets, UML, Oracle, SQL Server. 
Sybase, Natural, 4GL, XSTL 
Web services, Remedy, ETL 
Abinitio, Cognos, Informatica 
Actuate, Mercury Suite, Rational 
Test Suite, Tibco, Clear Quest 
Tapestry, Resign. Perform initial 
study of req and provide feed- 
back; provide on site mainte- 
nance support, debug modify 
fine tune and perform code opti- 
mization. Require: BS or Equiv 
in Engineering & 2 years rele- 
vant experience. Multiple posi- 
tions in Atlanta for Business 
Development Managers with an 
MBA and 3 years of experience 
in Sales, Recruiting, Contract 
Approval, Deviation Approval. 
Technical Feasibility, Financial 
Viability, Delivery Viability, infra- 
structure and Resource viability. 
Frequent Travel and relocation 
involved for both positions. Mail 
Resumes with cover letter & 
position applied for to H R 
Manager, FutureTech Consult- 
ants LLC, 330 Research Court 
Suite 300, Norcross, GA 30092 


Application Developers 
DMS & auto products using 
Vis Interdev, VB, VC++ 
SQL Server 2000 & ASP/IIS 
5.0. BS CS or Engg. & 2 yrs 
programmer, dev. or ana- 
lyst. Resumes to. K 
Cramer, 
Reynolds, POB 2608 
Dayton OH 45401 


Reynolds & 


Computerworld + InfoWorid + Network World + April 5, 2004 


Software Engineer 


innovative IT 
i clients 
nationwide. We have imm 


We are 
dates with experi 
development 
and maintenance 
systems applications 


Design and code a solution that 
integrates the client's informa- 
tion systems using programming 
languages on UNISYS platform 
J2EE, Oracle, Unisys A Series. 
Mainframe environment, Unix 
Windows operating system and 
Lawson ERP system. Require 
experience in preparing func- 
tional requirements. sign spe 
cifications & generating reports. 


Seeking dependabie < 

Quality customer ser 

ed candidates for the positio 
Require Bachelor's degree 
Computer Science, Engineering 
or related field with 2 yrs of ex- 
perience in the job offered. Job 
involves frequent traveling as 
required by the project 


We offer excellent salary & ben- 
efits package for 40 hrs/wk, 8:00 
to 5:00 p.m. Send resume to. 
iGenesis, LLC, 942 Parkton Dr. 
Waukesha WI! 53189 or 
job41923@igenesisoniine.com 


Programmer Analyst w/exp to 
analyze, design, develop, test & 
implement web oriented & cus- 
tom built applications using 
J2EE Technologies, HTML, Java 
Script, JSP, ASP, Oracle, Sy- 
base, ClearCase & CVS. Per- 
form code impact analysis 
reviews for func perfor- 
mance, capture & publish r- 
formance status for the code 
changes to improve the system 
performance to meet production 
Standards using custom built 
test bed on Unix Platforms. Mail 
resumes to: Open Systems 
Technologies, inc., 119 East 
20th Street, Suite 202, Houston 
TX 77008. No in person res- 
umes/interviews; only respond 
by mail. 





44 computerworto aris, 2004 


RESOURCES 


How to Contact 


COMPUTERWORLD 


We invite readers to call or write with their comments 
and ideas. It is best to submit ideas to one of the department 
editors and the appropriate beat reporter. 


Marytran Johnson, 


editor in chief 
(508) 820-8179 


DEPARTMENT 
EDITORS 


Don Tennant, News editor 

Craig Stedman, assistant News editor 
Mitch Betts, Features editor 

Tommy Peterson, Technology editor 
Kathleen Melymuka, Management editor 


REPORTERS 


Dan Verton, federal/state government; legislation: 


manufacturing. 


(508) 620-7714 
(508) 820-8120 
(301) 262-8243 
(508) 620-7729 
(508) 820-8118 


Critical-infrastructure security; travel 


Jamie Eckle, Opinions editor 
Frank Hayes, senior news columnist 


(703) 321-2277 


Jaikumar Vijayan, corporate security/privacy issues: 


(630) 978-8390 


Todd R. Weiss, genera! assignment; Linux 
messaging/collaboration 


(717) 560-5255 


OPINIONS 
(508) 820-8202 
(503) 252-0100 


FEATURES 
(508) 820-8204 


Bob Brewin, mobile computing/wireless; Intel PCs 


and servers; health care (505) 425-3551 


Matt Hambien, networking; network systems management 
ommerce; CA (508) 820-8567 


Thomas Hoffman, information economics; IT 


investment and management issues; careers/labor (845) 988-9630 


Lucas Mearian, financial services; storage: 


{T management (508) 820-8215 


Linda Rosencrance, genera! assignment 


transportation/carriers (508) 628-4734 


Carol Sliwa, Microsoft: Web services technologies: 
application development: retail industry 


Marc L. Songini, ERP: supply chain; CRM; databases: 
data warehousing; EAI (508) 820-8182 


Patrick Thibodeau, enterprise systems; outsourcing and 
immigration issues; corporate antitrust issues (202) 333-2448 


(508) 628-4731 





Ellen Fanning, special projects editor 
Robert L. Mitchell, senior editor 
Mark Hall, editor at large 

Gary H. Anthes, national correspondent 
Julia King, national correspondent 


(508) 820-8177 

(503) 391-1158 
(703) 536-9233 
(610) 532-7599 


COMPUTERWORLD.COM 
Tom Monahan, online director 
Sharon Machlis, managing editor/online 
Ken Mingis, online news editor (508) 820-8545 
Marian Prokop, online editor at large (508) 620-7717 
David Ramel, e-mail newsletter/online editor at large....(508) 820-8269 
John R. Brillon, associate art director (508) 820-8216 
David Waugh, associate art director (508) 820-8142 


(508) 820-8218 
(508) 820-8231 





Peter Smith, Web development manager 
Kevin Gerich, Mark Savery, Web developers 
Bill Rigby, associate Web developer 
Matthew Moring, graphics designer 


RESEARCH 


Mari Keefe, research manager 
Gussie Wilson, research associate 


COPY DESK 
Michele Lee DeFilippo, managing editor/production ...(508) 820-8126 
Bob Rawson, assistant managing editor/production (508) 271-8015 


Monica Sambataro, senior copy editor 
Eugene Demattre, Mike Parent, copy editors 


GRAPHIC DESIGN 
Stephanie Faucher, design director 


April O’Connor, associate art director 
Julie Quinn, senior designer 
Susan Cahill, graphics coordinator 
John Klossner, cartoonist 


(508) 820-8235 


ADMINISTRATIVE SUPPORT 
Linda Gorgone, office manager 
Chery! Dudek, administrative assistant 


(508) 820-8176 
(508) 820- 8178 


CONTRIBUTING 
COLUMNISTS 


Pimm Fox, Michael Gartenberg, 
Dan Gillmor, Paul Glen, Barbara Gomolski, 
Thornton A. May, David Moschelia, Bart Perkins, 
Nicholas Petreley, Paul A. Strassmann 


CONTRIBUTING 
WRITERS 


Mary Brandel, Russell Kay, 
Sami Lais, Robert L. Scheier, 
Steve Ulfeider 





www.computerworld.com 


GENERAL INFORMATION 


TELEPHONE/FAX 


Main phone nuniber.. . . (508) 879-0700 
All editors unless otherwise noted below 


Main fax number ..... . (508) 875-8931 
24-hour news tip line. . . (508) 620-7716 


E-MAIL 


Our Web address is 


Staff members’ e-mail follows this form: 
lastname@computerworld.com. 


For IDG News Service correspondents: 
firstname_lastname@idg.com. 


LETTERS TO THE EDITOR 
Letters to the editor are welcome 
and should be sent to: 


letters@computerworld.com. 
Include your address and telephone number. 


MAIL ADDRESS 


PO Box 9171, 500 Old Connecticut Path, 
Framingham, Mass. 01701 


SUBSCRIPTIONS/BACK ISSUES 


Subscription rates: U.S., $99.99/year; Canada, 
$130/year; Central and South America, $250/year; 
all others, $295/year 


REPRINTS/PERMISSIONS 


Visit www.reprintbuyer.com to obtain quotes 
and order reprints online. 





COMPANIES IN THIS ISSUE 


Page number refers to page on which story begins. Company names can also be 
computerworld 


searched at www. 


3COM CORP. 9 
ACCENTURE LTD. 12, 31, 36, 37,45 
ADVANCED MICRO DEVICES INC. 1 
AETNA INC a 
AFFILIATED COMPUTER SERVICES INC. 8 
ALLSERVE SYSTEMS CORP. 8 
ALORICA INC. 7 
AMAZON.COM INC 19 
AMERICAN INTERNATIONAL GROUP INC 
AMERICAN NATIONAL 

STANDARDS INSTITUTE 

AMR RESEARCH INC 

ANSWERTHINK INC 

ANTA SYSTEMS INC 

APACHE SOFTWARE FOUNDATION 

APPLE COMPUTER INC 

ARCSIGHT INC 

ARGONNE NATIONAL LABORATORY 

AT&T WIRELESS SERVICES INC. 

AVAILITY LLC 

AVAKI INC 

BAXTER INTERNATIONAL INC. 

BEST BUY CO. 

BIZ360 INC 

BV'S WHOLESALE CLUB INC. 

BLACKWELL CONSULTING 

SERVICES INC 

BLUE CROSS AND 

BLUE SHIELD OF FLORIDA INC. 

BMC SOFTWARE INC. 

BROWN RAYSMAN MILLSTEIN 

FELDER & STEINER LLP 

BT SMITH AND ASSOCIATES, 
BURSON-MARSTELLER 

CAMPBELL SOUP CO. 

CANDLE CORP. 

CANON USA INC. 

CAP GEMINI ERNST & YOUNG 

CAPTARIS INC 

CATALINA MARKETING CORP. 





(CENZIC INC. 

CERN 

CHURCH OF JESUS CHRIST 

OF LATTER-DAY SAINTS 

CIGNA CORP. 

CINCINNATI FINANCIAL CORP. 
CISCO SYSTEMS INC. 

COGNIZANT TECHNOLOGY 
SOLUTIONS CORP. 

COLORADO STATE UNIVERSITY 
COMMISSION ON PROFESSIONALS 
IN SCIENCE AND TECHNOLOGY 
COMPUTER SCIENCES CORP. 
CONVERGYS CORF 

CONVERSEON INC. 

COPPEREYE LTD 

CORE CAPITAL PARTNERS 

OH. BROWN ASSOCIATES INC. 
DALHOUSIE UNIVERSITY 
DATAMIRROR CORP. 

DELL INC. 

DELPHI CORP. 

DELTA CORPORATE SERVICES INC 
DICE INC 

DIGERAT! SOLUTIONS LLC 

DOW JONES & CO. 

OREYFUS SERVICE CORP. 
DUPONT CO. 

DURHAM POLICE DEPARTMENT 
EBAY INC. 

ECONOMIC POLICY INSTITUTE 
EMACHINES INC 

EPINIONS INC. 

EXTENSIS INC. 

FACTIVA 

FBI 

FIRST INTERNET INC. 

FLUOR CORP. 

FORRESTER RESEARCH INC... . 1, 10, 11, 22.36 
FORTIFY SOFTWARE INC. 2 





FUJITSU CONSULTING n 
GAP INC. 34 
GARTNER INC. 1, 14, 31, 32,34 
GATEWAY INC. 8,37 
GE MEDICAL SYSTEMS a 
GE REAL. ESTATE 1 
GENENTECH INC. 7 
GENERAL REINSURANCE 

SERVICES CORP. 1 
GEORGE WASHINGTON UNIVERSITY 16 
GLOBAL HEALTHCARE EXCHANGE LLC... 31 
GLOBAL INSIGHT INC. 1.46 
GLOBUS ALLIANCE 22 
GLUECODE SOFTWARE “4 
GOOGLE INC. 

GUS PLC 34 
HARLEY-DAVIDSON INC 19 
HARVARD BUSINESS SCHOOL 37 
HEALTHCARE FINANCIAL 

MANAGEMENT ASSOCIATION 34 
HEWLETT-PACKARD CO. 36 
HOOVER'S INC 7 
HUDSON'S BAY CO. 6 
HUMANA INC 6,31 
IBM 1, 7, 8, 10, 14, 15, 19, 26, 36 
(BM GLOBAL SERVICES. 12 
ioc 1,7, 8, 16,19 
INDIANA UNIVERSITY 

INFORMATION TECHNOLOGY 

ASSOCIATION OF AMERICA 

INOVANT LLC 

INSTITUTE OF ELECTRICAL 

AND ELECTRONICS ENGINEERS INC. 

INTEL CORP 

INTENSE SCHOOL INC. 

INTERGRAPH CORP. 

INTERNATIONAL FEDERATION 

OF THE PHONOGRAPHIC INDUSTRY 

J.D. EDWARDS & CO 

J.P. MORGAN CHASE & CO. 

JASOMI NETWORKS INC. 

JOHNSON & JOHNSON 

JUNIPER NETWORKS INC 

JUPITER RESEARCH 

KAVADO INC. 

KELLOGG SCHOOL OF MANAGEMENT 
KEYSPAN CORP. 

KIMBERLY-CLARK CORP. 





KIRKLAND & ELLIS LLP 

UBERTY MUTUAL INSURANCE CORP. 
LOGITECH INC. 

MAPICS INC. 

MARRIOTT INTERNATIONAL INC. 
MARTHA STEWART LIVING 
OMNIMEDIA INC. 

MASTERCARD INTERNATIONAL INC. 
MCDONALD'S CORP. 
MEDTRONIC INC. 
MERRILL LYNCH & CO. 
META GROUP INC. 
MICROSOFT CORP. 
MINNESOTA LIFE INSURANCE CO. 

MIT. 

MITSUBISHI CORP. 

NATIONAL ASSOCIATION OF 
SOFTWARE AND SERVICE COMPANIES, 
NATIONAL RETAIL FEDERATION 

NEOIT INC 

NETSCREEN TECHNOLOGIES INC. 

NIKE INC 

NORTH BRONX HEALTHCARE NETWORK 
OAKWOOD HEALTHCARE SYSTEM 
ORACLE CORP. 

PACIFIC LIFE CORP. 

PACIFICARE HEALTH SYSTEMS INC 
PAYPAL INC 

PEOPLES INC. 

PFIZER GLOBAL 

RESEARCH & DEVELOPMENT 
PFIZER INC. 

PGA TOUR INC 

PHILIPS ELECTRONICS NV 

PIVX SOLUTIONS LLC 

POINTBASE INC. 
PRICEWATERHOUSECOOPERS. 
PROCTER & GAMBLE CO. 
PROJECT MANAGEMENT 
SOLUTIONS INC 

RECORDING INDUSTRY 
ASSOCIATION OF AMERICA 
REUTERS GROUP PLC 

SANCTUM INC. 

SARA LEE COFFEE & 

TEA NORTH AMERICA, 

‘SAS INSTITUTE INC. 

SCALIX CORP. 


30 


36 


19 
16 


3 
34 
1 


1,6, 7.8, 17, 27, 30, 36 


4 
7 
a4 


12 
a 
3 
20 
1 

7 


22, 30.31 


34 
19 
12 
3 


22 
45 


" 
34 
27 
30 
3% 

1 


SEAGATE TECHNOLOGY LLC 
SEARS, ROEBUCK AND CO. 

SHARP CORP. 

SIERRA ATLANTIC INC. 

‘SNAP APPLIANCE INC. 

‘SP! DYNAMICS INC. 

STORAGE NETWORKING 
INDUSTRY ASSOCIATION 

SUN MICROSYSTEMS INC. 

SYMBIO TECHNOLOGIES LLC 
SYMPHONY SERVICES CORP. 
TARGET CORP. 
TECH-ECONOMY.ORG 
TECHTRONICS INDUSTRIES CO. 
TEMPLE UNIVERSITY 

TERRA NOVA TRADING LLC 

TESCO PLC 

THE BURLINGTON NORTHERN 

AND SANTA FE RAILROAD CO. 6, 
THE CUSTOMER RESPECT GROUP INC. 
THE DATA WAREHOUSING INSTITUTE 
THE HACKETT GROUP. 

THE HILL SCHOOL. 

THE HOME DEPOT INC. 

THE SCO GROUP INC. 

TIVOLI SOFTWARE 

U.S. DEPARTMENT OF DEFENSE 
U.S. DEPARTMENT OF 

HOMELAND SECURITY 

U.S. FOOD AND DRUG ADMINISTRATION. 
U.S. NAVY 

UNISYS CORP. 

UNITED AIR LINES INC. 

UNIVERSITY OF ARKANSAS 
UNIVERSITY OF 

CALIFORNIA, BERKELEY 
UNIVERSITY OF CALIFORNIA, DAVIS 
UNIVERSITY OF WISCONSIN 
VERINT SYSTEMS INC. 

VERISIGN INC. 

VISA INTERNATIONAL INC. 
WAKEMED HEALTH NETWORKS. 
WAL-MART STORES INC. 

WEBPLAN INC. 

WEBSENSE INC. 

WERNER CO. 

WILLIAM BEAUMONT HOSPITAL 
ZEND TECHNOLOGIES LTD. 








www.computerworld.com 


Continued from page 1 


RFID 


nology. And the compliance 
delays may not be the only 
ones Wal-Mart encounters as 
its leading suppliers strive to 
fully meet the RFID directives 
it set last year, predicted ana- 
lysts at Forrester Research 
Inc., Gartner Inc. and five oth- 
er market-research and con- 
sulting firms. 

A Wal-Mart spokesman 
confirmed that the retailer is 
requiring its top 100 consumer 
goods suppliers to ensure 
100% readability of the RFID 
tags that they’re being asked 
to affix to all pallets and cases 
shipped to its three distribu- 
tion centers in the Dallas/Fort 


| Worth area by January. For- 
rester estimated that only 25% 
of the suppliers will be able to 
fully comply with the require- 
ments on time. 

Wal-Mart continues to 
maintain that the deadline is 
realistic. In a message posted 
last week on the company’s 
RetailLink extranet site for 
suppliers, CIO Linda Dillman 
stated that Wal-Mart is “on 
track to have in excess of 100 
suppliers tagging cases and 
pallets by January. ... The re- 
sponse from our suppliers is 
exceeding our expectations 
and demonstrates how com- 
pelling RFID can be within 
one’s own supply chain.” 

But at an RFID conference in 
Chicago, some of Wal-Mart’s 
top-tier suppliers said that 








NEWS 


| they are confronting technical 


hurdles in pilot projects and 
that they are struggling to find 
a return on investment, at 
least in the near term. 

Tom Torre, associate direc- 
tor of business-to-business 
supply chain innovation at 
Procter & Gamble Co. in 
Cincinnati, said executives at 
P&G will work over the next 
four months to “understand 
what the value proposition is.” 
He pointed to the ability to 
capture tag data from retailers 
as a key potential benefit, say- 
ing it could give P&G better 
insight about sales. 

But Torre said the high cost 
of RFID tags is a problem. He 
noted that tags are nowhere 
near the 5 cent target set by 
Wal-Mart. Volume prices can 


Drug Companies Try to Make RFID Work 


Wal-Mart's first RFID deadline 
applied to only a small subset of 
its suppliers: pharmaceutical 
companies that handle prescrip- 
tion drugs classified as Class II 
narcotics. But their experiences 
shed some light on the issues 
that users face as they try to in- 
corporate the technology into 
their supply chains. 

Jonathan Loretto, global tech- 
nology lead for RFID at Cap 
Gemini Ernst & Young, noted that 
the U.S. Food and Drug Adminis- 
tration announced in February its 
plan for using RFID devices to 
track the distribution of prescrip- 
tion drugs [QuickLink 44911]. 

Pharmaceutical companies 
are still trying to sort out the best 
way to meet both the FDA and 
retail mandates, according to 
Loretto. “You can’t just comply 
with Wal-Mart,” he said. 

Loretto said Cap Gemini is 
helping four pharmaceutical 
clients to meet their legal and 
commercial requirements while 
also fulfilling their business goals 
for RFID, “which is obviously to 
make a profit and get a return 
on investment.” 

He claimed that companies 


can expect a return within an 18- 
to-24-month time frame, but it 
won't come from simply imple- 
menting the tags, readers and IT 
infrastructure for RFID. !t will re- 
quire business process transfor- 
mation in order for them to see 
reductions in labor and logistics 
costs, supply chain assets and 
out-of-stock items, Loretto said. 

“RFID is just getting started,” 
said Bryant Haskins, a spokes- 
man for New York-based Pfizer 
Inc. “We think RFID offers a lot 
of opportunities, but there’s still 
a lot of unanswered questions to 
work through.” 

Pfizer didn’t have to comply 
with Wal-Mart's March 31 dead- 
line because it doesn't ship Class 
Il narcotics to the retailer, ac- 
cording to Haskins. But RFID has 
the potential to help pharmaceu- 
tical companies such as Pfizer 
curb counterfeiting by enabling 
them to track drugs through the 
supply chain, he said. 

The FDA is calling for the 
widespread use of RFID technol- 
ogy by 2007. Pfizer has joined 
other major pharmaceutical 
companies in a program called 
Jump Start, which Accenture 


Ltd. forged to help drug makers 
get started with RFID projects. 
“We are certainly supportive 
of the FDA’s efforts, and we are 
moving ahead,” said Haskins. 
“But we don’t think it’s going to 
be a quick and easy process.” 
Kara Romanow, an analyst at 
AMR Research Inc., said the 
pharmaceutical companies she’s 
working with are making good 
progress on RFID, although 
most didn’t meet the Wal-Mart 
deadline. “The technology is just 
not ready - 10% to 12% of tags 
dead on arrival, and 5% to 10% 
more dying en route to Wal- 
Mart,” she explained. “These 
guys have an extra challenge in 
that the bottles are relatively 
small compared to large cases, 
and the FDA is very particular 
about labels, so they can’t just 
cover anything on the bottle.” 
Wal-Mart spokesman Gus 
Whitcomb declined to disclose 
the number of pharmaceutical 
suppliers that failed to meet the 
March 31 deadline. Asked if there 
will be any consequences for 
them, he said, “Partners work to- 
gether privately to solve issues.” 
- Carol Sliwa 








| range from 18 cents to 40 


cents apiece, according to in- 
dustry sources. 

“You're not going to get ROI 
immediately,” said Mark Engle, 
director of IT at Campbell 


; Soup Co. in Camden, N.J. He 


added that Campbell views the 


| incorporation of RFID tech- 


nology as “tactical in nature” 
to meet the requirements of 


| major customers like Wal-Mart. 


Identity Crisis 
Cost isn’t the only challenge 
confronting suppliers. Engle 
said RFID technology current- 
ly comes up short on identify- 
ing tags affixed to cases that 
are on the inside of pallets. 
P&G discovered through its 


pilot tests that RFID technolo- | 


gy has trouble handling metals 
and liquids, according to 
Torre. Foil-wrapped packages 
of Cascade dish detergent pre- 
sent the toughest challenge 
because the foil repels RF sig- 
nals transmitted by tag read- 
ers, he said. Liquid detergents 
also fall into the “RF-unfriend- 
ly” category because liquids 
absorb RF signals, he added. 

Mike O’Shea, director of 
corporate AutoID/RFID strate- 
gies at Kimberly-Clark Corp. 
in Irving, Texas, said his com- 
pany has found putting RFID 
tags on cases and pallets of 
baby wipes to be daunting be- 
cause the wipes have the char- 
acteristics of “a wet brick.” 

Despite the problems, Kim- 
berly-Clark eventually expects 
to realize a benefit from RFID. 
But O’Shea predicted that it 
will take three or four years be- 
fore use of the technology in 
corporate supply chains reach- 
es a “critical mass.” 

Gartner analyst Jeff Woods 
predicted that Wal-Mart will 
see partial compliance by Jan- 
uary, but he doesn’t think 
most of the top suppliers will 
be able to tag all their pallets 
and cases at 100% read rates. 
“That’s not going to happen,” 
he said. “Most people will 
support Wal-Mart in some 
way in 2005. But they’re not 
going to support all commodi- 





COMPUTERWORLD April 5, 2004 49 


Wal-Mart’s 
RFID Deadlines 


MARCH 31 
Eighteen pharmaceutical suppliers 
were due to start putting RFID 
tags on shipping warehouse 
packs of Class ll narcotics, but 
not all of them met the deadline. 


JANUARY 2005 
The retailer's top 100 suppliers 
have been directed to put tags 
on all pallets and cases going to 
three distribution centers in 


Texas, with 100% readability. 


ties, and they’re not going to 


} jump through hoops for a 
| business case that only bene- 


fits Wal-Mart.” 

But Gus Whitcomb, a 
spokesman for Wal-Mart, 
said only two of the top 100 
suppliers have informed the 
company that meeting the Jan- 
uary deadline will present a 
significant challenge. “It has 
nothing to do with RFID,” he 
said. “It has to do with other 
internal events inside their 


companies.” 


Whitcomb added that an 
additional 37 companies that 
don’t face the mandate have 
told Wal-Mart they’re working 
to meet the deadline anyway. 

He emphasized that Wal- 
Mart views the RFID initiative 
as a partnership with its sup- 
pliers. Suppliers that are hav- 
ing trouble meeting the dead- 
lines are being urged to dis- 
cuss their problems “early on” 
with Wal-Mart “so that we can 
see if we can work with them 
on a solution,” Whitcomb said. 


@ 45928 
Transportation security officials eye use 
of RFID tags on airline boarding passes: 


Delta Air Lines begins its second test of 
using RFID technology to track luggage: 


QuickLink 45915 
www.computerworld.com 





Periodical postage paid at Framingham, Mass., and other mailing offices. Posted under Canadian Internationa! Publication agreement #40063800. CANADIAN POSTMASTER: Please return undeliverable copy to PO Box 1632, Windsor, Ontario NSA 7C9. Computerworld (ISSN 0010-4841) is published 
weekly: except a single combined issue for the last two weeks in December by Computerworld, inc., 500 Old Connecticut Path, Box 9171, Framingham, Mass. 01701-9171. Copyright 2004 by Computerworld Inc. All rights reserved. Computerworld can be purchased on microfilm and microfiche through Uni- 
versity Microfilms inc., 300 N. Zeeb Road. Ann Arbor, Mich. 48106. Computerworld is indexed. Back issues, if available, may be purchased from the circulation department. Photocopy rights: permission to photocopy for internal or personal use is granted by Computerworld Inc. for libraries and other users 


registered with the Copyright Clearance Center (CCC), provided that the base fee of $3 per copy of the article, plus SO cents per page. is paid directly to Copyright Clearance Center, 27 Congress St.. Salem, Mass. 01970. Reprints (minimum 100 copies) and 
permission to reprint may be purchased from Renew Smith, Computerworld Reprints, c/o Reprint Management Services, Greenfieid Corporate Center, 1808 Colonial Village Lane, Lancaster, Pa., 17601, (717) 399-1900, Ext. 172. Fax: (717) 399-8900. Web site: 
www. reprintbuyer.com. E-mail: reprints@computerworid.com. Requests for missing issues will be honored only if received within 60 days of issue date. Subscription rates: $5 per copy: U.S. - $99.99 per year: Canada - $130 per year; Central & So. America. 
$250 per year; Europe - $295 per year; all other countries - $295 per year. Subscriptions call toll-free (888) 559-7327. POSTMASTER: Send Form 3579 (Change of Address) to Computerworld, PO Box 3500, Northbrook, Ill, 60065-3500. 


BPA ABM & 





46 COMPUTERWORLD April 5, 2004 


FRANK HAY! 


THE BACK PAGE 


S # FRANKLY SPEAKING 


ITAAs Job Dream 


ERE’S A COMFORTING BEDTIME STORY: Offshoring 
won't just save companies money. It will also create 
jobs. And reduce inflation. And grow the economy. 
Those are the top-line conclusions of a new report 
from the Information Technology Association of 
America, the IT vendors’ lobbying group (see story, page 1). 
Just don’t read very far past that top line — at least, not if you 


want to get any sleep tonight. 


See, the report says those new jobs won’t be IT jobs. And that 


reduced inflation will come in part from lower 
pay — “wage compression,” as it’s charmingly 
dubbed by the report’s principal author, Global 


Insight Inc. chief economist Nariman Behravesh. 


And that economic growth depends on the 
willingness of the foreign employees who get 
our offshored jobs to spend their paychecks on 
U.S.-made exports. 

Don’t take my word for it. It’s all in the re- 
port, brought to you by the people who, just a 
few years ago, were saying that the U.S. desper- 
ately needed to increase its IT workforce. Yes, 
really. Since early 2000, the ITAA has predicted 
the creation of more than 4 million new U.S. IT 
jobs — 1.8 million of which would go begging 
because there just wouldn’t be enough IT peo- 
ple to fill them. 

How many new U.S. IT jobs have actually 
been created since 2000? According to the 
ITAA’s own annual jobs report, maybe 400,000. 

But wait — according to this new report, 
since the dot-com bubble burst in 2000, a total 
of 372,000 software and IT services jobs have 
been lost in the U.S. (Only 104,000 were lost to 
offshoring; the rest went because of the reces- 
sion, productivity gains and an end to what the 
report calls “overhiring.”) 

The new report also predicts that “in the 
software and services area, the 
economy will create 516,000 jobs 
over the next five years in an envi- 
ronment with global sourcing but 
only 490,000 without it. Of these 
516,000 new jobs, 272,000 will go 
offshore and 244,000 will remain 
onshore. Thus the U.S. IT work- 
force will continue to grow.” 

So, let’s do the math: Without off- 
shoring, the U.S. gets 490,000 new 


loss since 2000 of 128,000 U.S. IT jobs. Some 
growth, eh? 

Yes, there will be new jobs — in education, 
health services, transportation, utilities and 
construction, all areas where the work can’t 
easily be shipped overseas. They just won’t be 
jobs in IT. 

At least that’s what the ITAA’s offshoring re- 
port says. Is it true? Well, remember that this 
report is driven by politics every bit as much as 
the ITAA’s wildly optimistic job-growth esti- 
mates of a few years ago. 

Back then, the ITAA was lobbying for more 
H-1B visas, and its jobs survey miraculously 
showed a spectacular increase in the number of 
U.S. IT job openings about to be created. Now 
the ITAA is lobbying against restrictions on off- 
shoring. And, amazingly, its new report con- 
cludes that offshoring will do everything but 
whiten teeth and freshen breath. 

So if you’re a techie, you may be able to sleep 
a little easier. After all, you already know what 
you need to do in order to dodge the offshoring 
bullet: build up your business skills, increase 
your face time with users and generally become 
the kind of IT person whose job can’t easily be 
shipped overseas. 

And if you’re an IT manager or CIO? Then 


ary Yue it’s not so easy. See, some people 


will take this report seriously. Like 
your best techies, who may decide 
to bail out of a shrinking IT job 
market. Or the brightest students, 
who may conclude that IT is a 
dead end and opt for business or 
law or medicine instead. 

That could leave you with the loss 
of your best people and not enough 
new kids coming in to replace 


IT jobs in the next five years, a net 
increase since 2000 of 118,000 U.S. 
IT jobs. With offshoring, the U.S. 
gets 244,000 new IT jobs — a net 


FRANK HAYES, Computer- 
world's senior news colum- 
nist, has covered IT for more 
than 20 years. Contact him at 


them — a staffing nightmare, cour- 

tesy of the ITAA’s fumbled efforts 

to hype the benefits of offshoring. 
Pleasant dreams. @ 45887 





www.computerworld.com 


She’s Baaaaaaaack! 

This site's network is hit by the Netsky worm, which 
begins sending infected e-mails that appear to be 
from people in users’ address books. “Apparently, 
some people hadn't cleaned out their address books 
for quite a while,” says pilot fish. “One lady received an 
e-mail that said it was from a co-worker who had 
passed away a year before. The subject line was ‘I'm 
Se one ee 


Shhbh! 
School district's 


puter students 
don’t hack into the dis- 


IT pilot fish. “Students 
now have access to the 
entire school network. 
We just aren't mention- 
ing this to IT.” 


Tape Solution 
Laptops of traveling 
users at this company 
are set up for both dial- 
up and broadband con- 
nections, but everyone 


complains that the high- 


right. “I couldn't under- 
stand why, so | tested 


and retested until | stum- : 
bled across the problem,” : 


says pilot fish. “Users 


would connect to a high- 
speed line, then also try : 
to connect through their 


dial-up modems. | re- 


trained all my users, but : 


the calls continued to 
come in - until | taped 


HARK Protity 
make reser, TANK Yes. 


Security con- 
sultant pilot 
fish plugs his 


: laptop into a government 
: client’s network to run 

? his online demo. “In the 
: first minute, my laptop 

: Security software regis- 
; by MS-Blaster, SQL 

? worms, all from local 

: LAN addresses,” fish 


says. “My sales guy asks 


: the client whether he 
: Was aware of the ‘un- 
less hubs,” reports non- : 
: his office, and if he’d 
? The client says, ‘No, we 
: don’t have budget for 
? that’ - and that’s the 
: end of that!” 


: But It’s There 

? This client stresses the 
: importance of security - 
? everything has to be 


healthy atmosphere’ in 


FEED THE SHARK! Send your true tale of IT life to 

sharky@computerworld.com. You snag a snazzy 
Shark shirt if we use it. And check out the daily feed, browse 
the Sharkives and sign up for Shark Tank home delivery at 
computerworld.com/sharky. 





Bet a car ee ae ie 

& Gh ew poet fom loos tele Window te 

Oe Get 4B = B@ o- wre + 2 A Weesttewtemm - 12 + 
1S 2 Sere ee cn oma ete 


ean eee 2. 4 . 2 las otal aes ne 


Microsoft IT and employee services had a bright idea. 
They chose Xerox to manage their imaging and output devices 
worldwide. Now help desk calls are down. So are costs. 
There’s a new way to look at it. 


Microsoft's global print environment was becoming hard to control. Existing assets were leveraged, and new digital technologies were 
Instead of diverting energies from their core competencies to solve recommended. Today, Xerox manages all of Microsoft's output 
the problem, they partnered with Xerox. Xerox recommended an devices, both Xerox and non-Xerox. Xerox mans their help desk, 
Office Document Assessment (ODA), which uses Six Sigma method- which relies on CentreWare” Web device management software to 
ologies. Microsoft’s workflow process was examined using ODA monitor the system 24/7. Uptime is way up. Costs are way down. 
metrics, and solutions were customized to fit the needs of Help desk calls are fewer, and user satisfaction is higher than ever. 


Microsoft’s IT staff, worldwide employees, and management. To find out what Xerox can do for you, call us or visit our website today. 


ex > 
Learn more: xerox.com/learn For a sales rep: 1-800-ASK-XEROX ext. LEARN a 


) 2004 XEROX CORPORATION. All rights reserved. XEROX? The Docu * Cent e” and There's a new way to look at it are trademarks of XEROX CORPORATION. M ft, the Xi ROX 


Office logo, PowerPoint, Word, Excel! the Windows logo, anc re gistered trademarks ademarks V ‘orpor e United States 





Introducing the new Microsoft Office System. 


Now users can do more for themselves so you can focus 
on the important things. With Microsoft® Windows“ 
SharePoint™ Services, Microsoft Office SharePoint Portal 
Server 2003, and Microsoft Office Live Communications 
Server 2003, users can easily search across their company 
to find existing information, all while directly and securely 
connecting to those in the know. Leaving you with less time 
spent on their issues, and more time spent on your own. 
For more information, go to microsoft.com/officelT 


Microsoft wa 


Your potential. Our passion. 


Microsoft More than what it used to be, Microsoft Office is now an 
Office System integrated system of programs, servers, services, and solutions 


Programs Servers 


Access 2003 PowerPoint® 2003 Project Server 2003 
Excel 2003 Project 2003 Live Communications 
FrontPage® 2003 Publisher 2003 mane 
InfoPath™ 2003 —_—-Visio® 2003 Franny ae 
2003 

OneNote™ 2003 Word 2003 : M 1 

vare it Porta 
Outlook® 2003 


Enabling Technologies: 
Windows Server™ 2003, Windows® 
Rights Management Services 


© 2003 Microsoft Corporation. All rights reserved. Microsoft, FrontPage, InfoPath, the Office logo, OneNote, Outlook, PowerPoint, SharePoint, Windows, Window 
Server, Visio, and “Your potential. Our passion.” are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries 


Services 


Live Meeting 
Office Online 


Solutions 


Solution Accelerators 


Microsoft ata ad 


Offic 








